In the realm of network security, understanding and managing firewall rules is paramount. Oracle Linux, equipped with the firewalld service, offers a robust firewall solution. One of the most fundamental operations in firewalld is listing existing rules. Let's delve into the process of listing rules in Oracle Linux's firewalld service.

Before we proceed, ensure that the firewalld service is active and enabled. You can check its status using the following command:

sudo systemctl status firewalld
Understanding Firewalld Zones
In firewalld, rules are organized into zones. Zones are a way to group settings for different types of network connections. Understanding zones is crucial before listing rules.

Some predefined zones in Oracle Linux include 'home', 'work', 'public', and 'internal'. You can list all available zones using the following command:
sudo firewall-cmd --get-zones
Listing Rules in a Specific Zone

To list rules in a specific zone, use the following command, replacing 'zone_name' with the desired zone:
sudo firewall-cmd --list-all --zone=zone_name
This command will display all rules, including permanent and immediate (runtime) rules, for the specified zone.
Listing Rules for All Zones

If you want to list rules for all zones at once, you can use the following command:
sudo firewall-cmd --list-all-zones
This command will display rules for all zones, separated by the zone name.
Interpreting Firewalld Rules

Firewalld rules are listed in a specific format. Each rule consists of several fields, including protocol, port, source, destination, and more. Understanding these fields is essential for interpreting the listed rules.
Here's an example of a listed rule:




















target: ACCEPT
protocol: tcp
port: 22
source: 192.168.1.0/24
log prefix: "allowed"
This rule allows incoming TCP traffic on port 22 (SSH) from the 192.168.1.0/24 network, and logs the accepted traffic with the prefix "allowed".
Understanding Rule Targets
In firewalld, each rule has a target that determines its action. The most common targets are 'ACCEPT' and 'DROP'. 'ACCEPT' allows traffic, while 'DROP' rejects it.
Other targets include 'REJECT', which rejects traffic and sends an ICMP message back to the source, and 'MASQUERADE', used for SNAT (Source Network Address Translation).
Managing Rules with firewalld
Once you've listed and understood your firewall rules, you can manage them using the firewall-cmd tool. This includes adding, removing, and modifying rules, as well as setting default zones and more.
For instance, to add a rule allowing incoming traffic on port 80 (HTTP), use the following command:
sudo firewall-cmd --permanent --add-port=80/tcp
Remember to reload the firewalld service to apply permanent changes:
sudo firewall-cmd --reload
In the dynamic world of network security, understanding and managing firewall rules is an ongoing process. Regularly listing and reviewing your rules ensures your Oracle Linux system's security remains robust and up-to-date.