The default user interface for netfilter, the kernel-based firewall, on RHEL7 is firewalld. Administrators now have a choice of using firewalld or iptables to manage firewalls. Whichever is used, it is still the kernel-based netfilter firewall that is being implemented underneath. The frontend command to this new interface is firewall-cmd. The main benefit it offers is the ability to refresh the netfilter settings while the firewall is running, which is not possible with the iptables interface. Additionally, we are able to use zone management, which enables us to have different firewall configurations depending on the network we are connected to.
In this chapter, we will cover the following topics:
The firewall status
Routing
The zone management
The source management
Firewall rules using services
Firewall rules using ports
Masquerading and the network address translation
Using rich rules
Implementing direct rules
Reverting to iptables