Practitioner Level

Using 'firewalld' for Advanced Packet Filtering

Pricing
1 hour
  • 2 Learning Objectives

About this Hands-on Lab

Managing a local firewall is something pretty much every Linux admin is going to have to do during their career.
Many operating systems have adopted firewalld as the local firewall management system moving forward. Setting this up can lead to a more secure server and increase security through your environment.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Block SSH but allow HTTP

Use the block zone to filter on specific hosts and ports.

You can run the following commands:

firewall-cmd --zone=block --add-source=10.0.1.101

firewall-cmd --zone=block --add-service=http

You can verify settings with:

firewall-cmd --info-zone=block

Allow ping

Since ping uses the ICMP protocol and not a specific port, we can’t just add a port or service.

We need to use a rich rule:

firewall-cmd --zone=block --add-rich-rule='rule protocol value="icmp" accept'

Contact SalesSee Pricing

Additional Resources

When launched, this Learning Activity will present you with (2) CentOS 7 servers and connection credentials for each.

The first one will function as the Apache Web Server and the second will function as a client. Once connected to the Apache Web Server, open your Activity Guide for instructions on completing this activity.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Don't have an account?

Get Started
Who’s going to be learning?
MyselfMy Organization