Networking Task: Configuring firewalld, ufw, or iptables
Goal
Apply basic firewall policies to limit exposure and isolate traffic.
firewalld
firewall-cmd --get-active-zones
firewall-cmd --permanent --zone=public --add-service=ssh
firewall-cmd --reload
ufw (Ubuntu)
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw enable
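iptables (legacy)
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -j DROP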
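Because these rules are appended with -A and the chain ends in a catch-all DROP, rule order decides what is reachable. The following is an added example, not part of the original page: it audits the INPUT chain of an `iptables-save` dump for an SSH rule that sits after the catch-all and for missing loopback or established-traffic accepts. The function name `audit_input`, the finding labels and the three sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the INPUT chain of an iptables-save dump (stdin).
# Prints one finding per line, or OK. Names and labels are illustrative.
audit_input() {
  awk '
    /^:INPUT /   { policy = $2 }              # chain default policy
    /^-A INPUT / {
      n++                                     # position in evaluation order
      accept = ($0 ~ /-j ACCEPT/)
      # A rule with no match conditions ends evaluation for all traffic.
      if (!stop && $0 ~ /^-A INPUT -j (DROP|REJECT)/) stop = n
      if (!lo  && accept && $0 ~ /-i lo /) lo = n
      if (!est && accept && $0 ~ /--(ctstate|state) [A-Z,]*ESTABLISHED/) est = n
      if (!ssh && accept && $0 ~ /--dport 22 /) ssh = n
    }
    END {
      if (!stop && policy == "DROP") stop = n + 1   # policy applies last
      if (!stop) { print "OPEN_BY_DEFAULT"; exit }
      if (!ssh || ssh > stop) { print "SSH_UNREACHABLE";  bad = 1 }
      if (!lo  || lo  > stop) { print "LOOPBACK_DROPPED"; bad = 1 }
      if (!est || est > stop) { print "REPLIES_DROPPED";  bad = 1 }
      if (!bad) print "OK"
    }'
}

# Constructed sample: only SSH is accepted before the catch-all DROP.
MINIMAL='*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT'
# Constructed sample: SSH rule appended after the catch-all DROP.
MISORDERED='*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'
# Constructed sample: default-drop policy with the accepts in place.
ORDERED='*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

for dump in "$MINIMAL" "$MISORDERED" "$ORDERED"; do
  printf '%s\n' "$dump" | audit_input; echo "--"
done
```

On a live host the function can read the running ruleset directly with `iptables-save | audit_input` (root required).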
Best Practices
- Use firewalld for RHEL/Alma systems
- Avoid mixing multiple firewall tools
- Back up rules
Tools
firewall-cmd, ufw, iptables-save, nft (modern replacement)