In the realm of network security, understanding and managing firewall rules is paramount. This is especially true when dealing with enterprise-level systems like Red Hat Enterprise Linux 8 (RHEL 8). RHEL 8 introduces a new firewall service called Firewalld, which is a dynamic, zone-based firewall service. Today, we're delving into the heart of Firewalld, exploring how to list and understand its rules.

Firewalld is designed to be flexible and adaptable, allowing you to manage your firewall rules in real-time. It uses zones to define the trust level of different network interfaces, making it easier to manage complex network setups. But before we dive into listing and managing rules, let's ensure Firewalld is running and enabled.

Checking Firewalld Status and Enabling It
Before we proceed, let's ensure Firewalld is active and running. You can check its status with the following command:

sudo systemctl status firewalld
If Firewalld is inactive, you can start and enable it using:
sudo systemctl start firewalld
sudo systemctl enable firewalld
Understanding Firewalld Zones

Firewalld uses zones to categorize network interfaces based on trust levels. The default zones are:
- home: For trusted networks like home or office.
- work: For semi-trusted networks like workplaces.
- public: For untrusted networks like hotels or cafes.
- internal: For trusted internal networks.
- external: For untrusted external networks.
You can list the current zones with:

firewall-cmd --get-zones
Listing Firewalld Rules
Now, let's explore how to list the rules within each zone. The command to list rules is:
firewall-cmd --list-all-zones
This command will display all the rules for all zones. If you want to list rules for a specific zone, use:

firewall-cmd --list-all --zone=zone_name
Here, replace zone_name with the name of the zone you're interested in.
Understanding Firewalld Rule Syntax




















Firewalld rules are defined in a specific syntax. They follow this general format:
firewall-cmd --permanent --zone=zone_name --add-rule=rule_syntax
Let's break down the syntax:
--permanent: This flag ensures the rule is persistent across reboots.--zone=zone_name: Specifies the zone where the rule will be added.--add-rule=rule_syntax: The actual rule to be added.
Rule Syntax Examples
Here are a few examples of rule syntax:
- Allow incoming traffic on port 22 (SSH):
firewall-cmd --permanent --zone=zone_name --add-service=ssh
- Allow incoming traffic on a specific IP address:
firewall-cmd --permanent --zone=zone_name --add-source=192.168.1.100/24
- Allow incoming traffic on a specific port (e.g., 8080):
firewall-cmd --permanent --zone=zone_name --add-port=8080/tcp
Remember, these rules are just examples. You can customize them to fit your specific needs.
Removing Rules
To remove a rule, use the --remove-rule flag instead of --add-rule. For example, to remove the SSH rule:
firewall-cmd --permanent --zone=zone_name --remove-service=ssh
After adding or removing rules, reload the firewall service to apply the changes:
sudo firewall-cmd --reload
Now, you're equipped with the knowledge to list, understand, and manage Firewalld rules in RHEL 8. As you navigate your network security journey, remember that regular audits and updates to your firewall rules are crucial to maintaining a robust defense against potential threats.