
This article covers how to set up UFW on an Ubuntu 18.04 system. The advice is to deny all incoming connections except the ports you actually need. Uncomplicated Firewall (UFW) is a front end to iptables designed to simplify configuring a host firewall. iptables is a robust and flexible tool, but it can be tricky for beginners to use it to build a correct ruleset. If you are looking to get started securing a host, UFW is an appropriate choice.


UFW is installed on Ubuntu by default. If it has been uninstalled for some reason, we can install it with the following command:

$ sudo apt install ufw

UFW's default policy denies all incoming connections and allows all outgoing connections: a client trying to reach the server cannot connect unless a rule allows it, while applications on the server can still connect out. The following commands set that policy explicitly (and restore it if it was changed earlier). Allow your SSH port before you enable the firewall, otherwise a remote session is cut off:

$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing
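The procedure above, carried through as an added example (not code from the original article): the deny-incoming default and the SSH rule are applied before the firewall is enabled, and the whole sequence can be previewed. The SSH port and the extra "port/proto" arguments are placeholders; $UFW is a hypothetical hook so the plan can be printed with UFW=echo before it is run as root.

```shell
#!/bin/sh
# Added example (not from the article): apply a UFW baseline in a safe order.
# Assumptions: the host is managed over SSH on the port given as the first
# argument; extra "port/proto" arguments (hypothetical values such as 80/tcp)
# are the services to expose. Commands run through $UFW so the sequence can
# be previewed with UFW=echo before it is run as root.
UFW="${UFW:-ufw}"

# Print the ufw sub-commands in the order they must run. The deny-incoming
# default and the SSH rule come BEFORE "enable", so enabling the firewall
# from an SSH session cannot lock the operator out.
ufw_plan() {
    ssh_port="${1:-22}"
    [ $# -gt 0 ] && shift
    echo "default deny incoming"
    echo "default allow outgoing"
    # "limit" admits a source only ~6 new connections per 30 s, which blunts
    # password guessing without closing the port.
    echo "limit ${ssh_port}/tcp"
    for p in "$@"; do
        echo "allow $p"
    done
    echo "--force enable"
}

# Execute the plan; stop at the first failing command.
ufw_apply() {
    ufw_plan "$@" | while IFS= read -r line; do
        # shellcheck disable=SC2086  # word splitting is intended here
        "$UFW" $line || exit 1
    done
}

# usage: UFW=echo sh ufw-baseline.sh apply 22 80/tcp 443/tcp   (preview)
#        sudo sh ufw-baseline.sh apply 22 80/tcp 443/tcp       (apply)
if [ "${1:-}" = "apply" ]; then
    shift
    ufw_apply "$@" && "$UFW" status verbose
fi
```

After applying, the final `ufw status verbose` shows the effective default policy and every rule; compare it against what you intended before you close the session you enabled it from.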



This article covers how to stop and disable FirewallD on a CentOS 7 system. Firewalld is the complete firewall solution installed and enabled by default on CentOS 7 servers. Once it is stopped, nothing filters inbound traffic (the kernel's default policy accepts everything), so have another firewall protecting the network or server before, or immediately after, disabling firewalld.


How to manage Firewalld?

1. To stop the running firewalld service, run the following command as root:

$ systemctl stop firewalld

2. To keep it from starting again at boot, disable it:

$ systemctl disable firewalld

Disabling alone does not stop a running instance, and a disabled unit can still be pulled in by another unit that depends on it. If you are replacing firewalld with iptables-services, also mask the unit with systemctl mask so the two cannot fight over the same rules.

3. To check the status of firewalld, run the following command as root:

$ systemctl status firewalld



This article covers how to disable FirewallD and install the iptables service on a CentOS 7 server. The iptables service stores its configuration in /etc/sysconfig/iptables and /etc/sysconfig/ip6tables, while firewalld stores it in XML files under /usr/lib/firewalld/ (defaults) and /etc/firewalld/ (local overrides).

Note that /etc/sysconfig/iptables does not exist on a default install, because firewalld, not the iptables service, ships enabled on Red Hat Enterprise Linux and CentOS 7; the file is created when the iptables-services package is installed and is rewritten when you save the running rules.

FirewallD is a complete firewall solution that can be controlled with a command-line utility called firewall-cmd. If you are more comfortable with the Iptables command line syntax, then you can disable FirewallD and go back to the classic iptables setup.


To install and use the iptables service on CentOS 7:

1. Connect to your server via SSH.

2. Install the service package. apt-get is a Debian/Ubuntu tool; on CentOS the package manager is yum, and the package that loads saved rules at boot is iptables-services:

$ sudo yum install iptables-services

3. Check your current iptables configuration by running (-n skips DNS lookups, which otherwise make the listing slow and leak the addresses in your rules to your resolver):

$ sudo iptables -L -v -n


Location of iptables rules on CentOS?

CentOS 7 uses FirewallD by default. If you would like to manage iptables/ip6tables rules directly without FirewallD, use the good old iptables-services service, which loads the rules saved in /etc/sysconfig/iptables and /etc/sysconfig/ip6tables when it is started at boot time.
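The switch described above, as an added example that is not part of the original article: firewalld is stopped, disabled and masked, iptables-services is installed, an explicit ruleset is written to /etc/sysconfig/iptables and syntax-checked before it is loaded. The exposed ports (22, 80, 443) and the RULES_FILE override are assumptions.

```shell
#!/bin/sh
# Added example (not from the article): replace firewalld with
# iptables-services on CentOS 7 and load an explicit ruleset.
# Assumptions: only SSH (22) and HTTP/HTTPS (80, 443) should be reachable;
# run as root; RULES_FILE can be pointed elsewhere to preview the file.
RULES_FILE="${RULES_FILE:-/etc/sysconfig/iptables}"

# Print the ruleset in iptables-save format: default DROP on INPUT, then
# loopback, established/related, a rate-limited ping, and the explicit
# service ports. Lines starting with '#' are ignored by iptables-restore.
ipt_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
# echo-request stays open for monitoring, but rate-limited
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
# reject (not drop) the rest so legitimate clients fail fast
-A INPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

# Count the ACCEPT rules that open a TCP port: a sanity check that the
# ruleset exposes exactly the intended number of entries.
ipt_open_tcp_rules() {
    ipt_ruleset | grep -c -- '-p tcp .* -j ACCEPT'
}

ipt_switch() {
    systemctl stop firewalld
    systemctl disable firewalld
    systemctl mask firewalld             # nothing may start it behind our back
    yum -y install iptables-services
    ipt_ruleset > "$RULES_FILE"
    # parse the file without committing it; a typo here would otherwise
    # leave the host running whatever rules happened to be loaded before
    iptables-restore --test "$RULES_FILE" || return 1
    systemctl enable iptables
    systemctl restart iptables
    iptables -L INPUT -n -v --line-numbers
}
```

Run `ipt_switch` as root. If you later change rules interactively, `service iptables save` writes the running table back to /etc/sysconfig/iptables; otherwise the edits are lost at the next restart.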



This article covers how to configure and manage the FirewallD service on a CentOS system. A Linux firewall protects a workstation or server from unwanted traffic: you define rules that either block traffic or allow it through, and firewalld lets you add, delete or update rules without restarting the daemon. The firewall-cmd utility is the command-line front end to firewalld; on CentOS 8 firewalld uses nftables as its backend, since nftables replaced iptables there as the default packet-filtering framework.


To Start and enable firewalld, run the commands:

$ sudo systemctl start firewalld
$ sudo systemctl enable firewalld

To Stop and disable firewalld, run the commands:

$ sudo systemctl stop firewalld
$ sudo systemctl disable firewalld

To Check the firewalld status, run the command:

$ sudo firewall-cmd --state

To reload the firewalld configuration after changing rules, run the command:

$ sudo firewall-cmd --reload

To Get the status of the firewalld service, run the command:

$ sudo systemctl status firewalld



This article covers the installation of Fail2ban and the configuration of an sshd filter. There are so many options to configure but we focused on the basic ones. Feel free to peruse the Fail2ban man pages by running man fail2ban to discover what more you can do with it.

Fail2ban is a free, open-source and widely used intrusion prevention tool that scans log files for IP addresses that show malicious signs such as too many password failures, and much more, and it bans them (updates firewall rules to reject the IP addresses). 

By default, it ships with filters for various services including sshd.


To install  and configure Fail2ban on CentOS/RHEL 8:

1. After logging into your system, access a command-line interface, then enable the EPEL repository on your system:

# dnf install epel-release

OR

# dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

2. Afterward, install the Fail2ban package by running the following command:

# dnf install fail2ban

3. Start the fail2ban service, enable it at boot, and check that it is running with the following systemctl commands:

# systemctl start fail2ban
# systemctl enable fail2ban
# systemctl status fail2ban
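The sshd filter configuration the article refers to, as an added example that is not from the original: a jail.local that enables the sshd jail, and a small awk check that shows the signal the jail acts on (failed password lines grouped by source address against maxretry). The log lines in sample_auth_log are constructed, and the ignoreip network 10.0.0.0/24 is a placeholder for your management network.

```shell
#!/bin/sh
# Added example (not from the article): a jail.local that enables the sshd
# jail, plus an awk check that shows the signal the jail acts on. The log
# lines in sample_auth_log are constructed, and the ignoreip network
# (10.0.0.0/24) is a placeholder for the management network.

# jail.conf is overwritten on package updates; local settings go in jail.local.
fail2ban_jail_local() {
    cat <<'EOF'
[DEFAULT]
ignoreip  = 127.0.0.1/8 ::1 10.0.0.0/24
bantime   = 1h
findtime  = 10m
maxretry  = 5
# on a firewalld host, ban with rich rules instead of raw iptables
banaction = firewallcmd-rich-rules

[sshd]
enabled = true
port    = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
EOF
}

# Print "count ip" for each source with at least $2 failed password attempts
# in log file $1. This is what the sshd filter's failregex extracts and what
# maxretry is compared against (minus the findtime window).
ssh_failures_over() {
    awk -v max="$2" '
        /sshd\[[0-9]+\]: Failed password for/ {
            for (i = 1; i <= NF; i++) if ($i == "from") n[$(i + 1)]++
        }
        END { for (ip in n) if (n[ip] >= max) print n[ip], ip }
    ' "$1" | sort -rn
}

# Constructed sample: five failures from one source, one from another.
sample_auth_log() {
    cat <<'EOF'
Mar  3 10:00:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 50022 ssh2
Mar  3 10:00:03 host sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 50023 ssh2
Mar  3 10:00:05 host sshd[1205]: Failed password for root from 203.0.113.7 port 50024 ssh2
Mar  3 10:00:07 host sshd[1207]: Failed password for root from 203.0.113.7 port 50025 ssh2
Mar  3 10:00:09 host sshd[1209]: Failed password for root from 203.0.113.7 port 50026 ssh2
Mar  3 10:00:11 host sshd[1211]: Failed password for alice from 198.51.100.4 port 40010 ssh2
Mar  3 10:00:13 host sshd[1213]: Accepted publickey for alice from 198.51.100.4 port 40011 ssh2
EOF
}

# Install the override and confirm the jail is live (run as root).
fail2ban_enable_sshd() {
    fail2ban_jail_local > /etc/fail2ban/jail.local
    systemctl restart fail2ban
    fail2ban-client status sshd
}
```

With maxretry = 5, only 203.0.113.7 in the sample would be banned; 198.51.100.4 failed once and then authenticated. Before trusting a jail on a real log format, run `fail2ban-regex` against the log and the sshd filter to see how many lines actually match.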



This article covers how to secure Red Hat Enterprise Linux 8 with a host firewall. UFW is not intended to provide complete firewall functionality, but it does provide an easy way to create and manage simple firewall rules; on RHEL 8 the firewall that ships enabled, and the one managed in the steps below, is firewalld.

A firewall is a way to protect machines from any unwanted traffic from outside. 

It enables users to control incoming network traffic on host machines by defining a set of firewall rules. 

These rules are used to sort the incoming traffic and either block it or allow through.

Note that firewalld with the nftables backend does not support passing custom nftables rules to firewalld using the --direct option.


How to start, stop and restart the firewalld service on RHEL 8?

By now you know about firewalld zones, services, and how to view the defaults. It is time to activate and configure our firewall.

1. Start and enable firewalld

$ sudo systemctl start firewalld
$ sudo systemctl enable firewalld

2. Stop and disable firewalld

$ sudo systemctl stop firewalld
$ sudo systemctl disable firewalld

3. Check the firewalld status

$ sudo firewall-cmd --state

4. Reload the firewalld configuration after changing rules

$ sudo firewall-cmd --reload

5. Get the status of the firewalld service

$ sudo systemctl status firewalld


When to use firewalld, nftables, or iptables:

1. firewalld: Use the firewalld utility for simple firewall use cases. The utility is easy to use and covers the typical use cases for these scenarios.

2. nftables: Use the nftables utility to set up complex and performance critical firewalls, such as for a whole network.

3. iptables: The iptables utility on Red Hat Enterprise Linux 8 uses the nf_tables kernel API instead of the legacy back end. 

The nf_tables API provides backward compatibility, so scripts that use iptables commands still work on Red Hat Enterprise Linux 8. For new firewall scripts, Red Hat recommends using nftables.



This article covers some common tools that can be used to check the open ports on a Linux system. It is important to verify which ports are listening on the server's network interfaces: an unexpected listener is one of the simplest signs of an intrusion, or of a service that was installed and never restricted.

Apart from an intrusion, for troubleshooting purposes, it may be necessary to check if a port is already in use by a different application on your servers. 

For example, you may install Apache and Nginx on the same system, so you need to know whether Apache or Nginx is already using TCP ports 80/443.


To check the listening ports and applications on Ubuntu Linux:

1. Open a terminal application i.e. shell prompt.

2. Run any one of the following commands to see open ports:

$ sudo lsof -i -P -n | grep LISTEN
$ sudo netstat -tulpn | grep LISTEN
$ sudo ss -tulpn | grep LISTEN
$ sudo lsof -i:22 ## see a specific port such as 22 ##
$ sudo nmap -sTU -O IP-address-Here

On current distributions prefer the ss command, for example ss -tulw.


What is the netstat command ?

You can check the listening ports and applications with netstat as follows.

Run netstat command along with grep command to filter out port in LISTEN state:

$ netstat -tulpn | grep LISTEN

The netstat command (from net-tools) has been deprecated on Linux for some time, so use the ss command instead:

$ sudo ss -tulw
$ sudo ss -tulwn
$ sudo ss -tulwn | grep LISTEN
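The listing commands above show every socket; what a practitioner actually wants to know is which of them are reachable from outside. The following added example (not from the original article) parses ss -tulpn output, keeps only sockets bound to a wildcard address (0.0.0.0, [::] or *), and flags any that are not on an allow list. sample_ss is constructed output and the allow list is an assumption.

```shell
#!/bin/sh
# Added example (not from the article): turn "ss -tulpn" output into an
# exposure report. Sockets bound to a wildcard address (0.0.0.0, [::], *)
# are reachable on every interface; loopback-only sockets are not.
# sample_ss is constructed output, and the allow list is an assumption.

# Read ss -tulpn output on stdin; print "proto/port bind-address process"
# for each listening socket bound to a wildcard address.
exposed_listeners() {
    awk '
        $2 == "LISTEN" || $2 == "UNCONN" {
            port = $5; sub(/.*:/, "", port)          # text after the last colon
            host = $5; sub(/:[^:]*$/, "", host)      # text before it
            if (host == "0.0.0.0" || host == "[::]" || host == "*") {
                proc = "-"
                if (match($0, /"[^"]+"/)) proc = substr($0, RSTART + 1, RLENGTH - 2)
                print $1 "/" port, host, proc
            }
        }'
}

# Report exposed sockets that are not in the allow list given as arguments,
# e.g.  ss -tulpn | unexpected_listeners tcp/22 tcp/443
unexpected_listeners() {
    allowed=" $* "
    exposed_listeners | while read -r sock host proc; do
        case "$allowed" in
            *" $sock "*) ;;
            *) echo "UNEXPECTED $sock on $host ($proc)" ;;
        esac
    done
}

# Constructed sample of ss -tulpn output.
sample_ss() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
udp   UNCONN 0      0           127.0.0.1:323       0.0.0.0:*     users:(("chronyd",pid=700,fd=5))
udp   UNCONN 0      0             0.0.0.0:111       0.0.0.0:*     users:(("rpcbind",pid=650,fd=6))
tcp   LISTEN 0      128           0.0.0.0:22        0.0.0.0:*     users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0      100         127.0.0.1:25        0.0.0.0:*     users:(("master",pid=900,fd=13))
tcp   LISTEN 0      511           0.0.0.0:80        0.0.0.0:*     users:(("nginx",pid=950,fd=6),("nginx",pid=949,fd=6))
tcp   LISTEN 0      128              [::]:22           [::]:*     users:(("sshd",pid=812,fd=4))
tcp   LISTEN 0      80               [::]:3306         [::]:*     users:(("mysqld",pid=1010,fd=21))
EOF
}
```

On a live host run `sudo ss -tulpn | unexpected_listeners tcp/22 tcp/80 tcp/443` (root is needed for the process column). In the sample, rpcbind on udp/111 and mysqld on tcp/3306 are flagged; postfix on 127.0.0.1:25 is not, because a loopback bind is not reachable from the network. Note that the host firewall may still block a flagged port; this check tells you what is listening, not what is filtered.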



This article covers how to install and use Firewalld on CentOS in order to increase the security of your Linux system. Note that a host-based firewall such as firewalld is recommended by compliance standards like PCI DSS.

FirewallD is a complete firewall solution that manages the system's iptables rules and provides a D-Bus interface for operating on them. Starting with CentOS 7, FirewallD replaces iptables as the default firewall management tool.

Firewalld services are predefined rules that apply within a zone and define the necessary settings to allow incoming traffic for a specific service.


How to install Firewalld on CentOS?

Firewalld is installed by default on CentOS 7, but if it is not installed on your system, you can install the package by running the command:

$ sudo yum install firewalld

On a standard CentOS 7 install firewalld is already enabled, but on some minimal images it is present and not yet started. Check the firewall state with:

$ sudo firewall-cmd --state

If it was just installed, or has never been started, the command prints not running. Otherwise, you will see running.

To start the FirewallD service and enable it on boot type:

$ sudo systemctl start firewalld
$ sudo systemctl enable firewalld


To open HTTP and HTTPS, add permanent service rules to the zone that is bound to the interface facing your clients. The example uses dmz; confirm with firewall-cmd --get-active-zones that your interface really is in that zone, otherwise the rule opens nothing on the wire:

$ sudo firewall-cmd --permanent --zone=dmz --add-service=http
$ sudo firewall-cmd --permanent --zone=dmz --add-service=https

A --permanent rule is written to /etc/firewalld but is not applied to the running firewall. Make the change effective by reloading:

$ sudo firewall-cmd --reload

Zones provided by FirewallD:

1. drop: All incoming connections are dropped without any notification. Only outgoing connections are allowed.

2. block: All incoming connections are rejected with an icmp-host-prohibited message for IPv4 and icmp6-adm-prohibited for IPv6. Only outgoing connections are allowed.

3. public: For use in untrusted public areas. You do not trust other computers on the network, but you can allow selected incoming connections.

4. external: For use on external networks with NAT masquerading enabled when your system acts as a gateway or router. Only selected incoming connections are allowed.

5. internal: For use on internal networks when your system acts as a gateway or router. Other systems on the network are generally trusted. Only selected incoming connections are allowed.

6. dmz: Used for computers located in your demilitarized zone that have limited access to the rest of your network. Only selected incoming connections are allowed.

7. work: Used for work machines. Other computers on the network are generally trusted. Only selected incoming connections are allowed.

8. home: Used for home machines. Other computers on the network are generally trusted. Only selected incoming connections are allowed.

9. trusted: All network connections are accepted. Trust all of the computers in the network.
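Putting the zone model and the service rules above together, as an added example that is not from the original article: the public interface is moved into the dmz zone, HTTP/HTTPS are opened, the ssh service that dmz allows by default is replaced with a rich rule limited to a management network, and the runtime state is verified. IFACE (eth0) and MGMT_NET (10.0.0.0/24) are placeholder values, and $FWCMD is a hypothetical hook so the sequence can be traced with FWCMD=echo before it is run as root.

```shell
#!/bin/sh
# Added example (not from the article): put the public interface in the dmz
# zone, expose only HTTP/HTTPS, restrict SSH to a management network, and
# verify the runtime state. IFACE and MGMT_NET are placeholder values.
# firewall-cmd is invoked through $FWCMD so the sequence can be traced with
# FWCMD=echo before it is run as root.
FWCMD="${FWCMD:-firewall-cmd}"
IFACE="${IFACE:-eth0}"
MGMT_NET="${MGMT_NET:-10.0.0.0/24}"

# Every change is --permanent and activated by a single --reload at the end:
# a rule added without --permanent is gone after the next reload or reboot,
# and a --permanent rule does nothing until reloaded.
# dmz allows the ssh service by default, so it is removed and replaced by a
# rich rule that accepts SSH only from MGMT_NET.
fw_configure() {
    "$FWCMD" --permanent --zone=dmz --change-interface="$IFACE" &&
    "$FWCMD" --permanent --zone=dmz --add-service=http &&
    "$FWCMD" --permanent --zone=dmz --add-service=https &&
    "$FWCMD" --permanent --zone=dmz --remove-service=ssh &&
    "$FWCMD" --permanent --zone=dmz --add-rich-rule="rule family=ipv4 source address=$MGMT_NET service name=ssh accept" &&
    "$FWCMD" --reload
}

# The runtime view is what filters packets; --get-active-zones confirms the
# interface really landed in dmz (NetworkManager can override zone binding).
fw_verify() {
    "$FWCMD" --get-active-zones &&
    "$FWCMD" --zone=dmz --list-all
}

# usage: FWCMD=echo sh firewalld-dmz.sh apply   (trace)
#        sudo sh firewalld-dmz.sh apply          (apply and verify)
if [ "${1:-}" = "apply" ]; then
    fw_configure && fw_verify
fi
```

Run the trace first: the printed sequence is exactly what will be executed, and the SSH restriction is the step to double-check, since a wrong MGMT_NET locks you out after the reload.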



This article covers how you can block/unblock ping requests to your Debian system. You will learn different ways for blocking/unblocking ping requests either temporarily or permanently.


On a firewalld host these are firewall-cmd options. The --query-icmp-block=<type> option reports whether an ICMP type is configured to be blocked.

The --add-icmp-block=<type> option blocks a given type.

The --remove-icmp-block=<type> option stops blocking it.

Add --permanent so the change survives a reload, then reload the firewall; a block added without --permanent is lost at the next reload or reboot.


To block ping requests in Linux:

1. Edit /etc/sysctl.conf. Add the following line to your /etc/sysctl.conf : net.ipv4.icmp_echo_ignore_all=1. Then: sysctl -p.

2. Using iptables: iptables -I INPUT -p icmp --icmp-type echo-request -j DROP.

3. With cron. Run crontab -e as root, then add the following line: @reboot echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all.


To block ping in iptables:

1. Add a rule that tells the iptables firewall to drop ICMP echo-request packets, so the server stops answering ping (the iptables command in step 2 above).

2. To allow ping again, delete that same rule. -D must be given exactly the rule that was inserted (same chain, match and target), otherwise iptables reports that no such rule exists, and if the rule was inserted more than once it must be deleted as many times.


To enable ping on a Linux server:

# iptables -D INPUT -p icmp --icmp-type echo-request -j DROP

The -D switch deletes the rule. Once the rule is gone, the server responds to ping requests again.
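The block/unblock pair above, as an added example that is not from the original article. It drops only echo-request (dropping all of ICMP would also kill path-MTU discovery and destination-unreachable and break real traffic), checks with -C so that re-running it does not stack duplicate rules, and on unblock keeps deleting until -C no longer finds the rule. iptables is called through the hypothetical $IPT hook so the logic can be exercised with a stand-in.

```shell
#!/bin/sh
# Added example (not from the article): block/unblock inbound ping without
# touching other ICMP types, idempotently. iptables is called via $IPT so the
# logic can be tested with a stand-in. Assumption: blocking only echo-request
# is the intent; dropping all ICMP would also kill PMTU discovery and
# destination-unreachable, which breaks real traffic.
IPT="${IPT:-iptables}"
RULE="INPUT -p icmp --icmp-type echo-request -j DROP"

ping_blocked() {
    # shellcheck disable=SC2086  # $RULE is meant to split into arguments
    "$IPT" -C $RULE 2>/dev/null
}

ping_block() {
    # -C reports whether the rule exists, so re-running does not stack
    # duplicate rules that a single -D later would not fully remove.
    # shellcheck disable=SC2086
    ping_blocked || "$IPT" -I $RULE
}

ping_unblock() {
    # -D must name the rule exactly as inserted (DROP here, not REJECT);
    # loop because each -D removes only one copy.
    # shellcheck disable=SC2086
    while ping_blocked; do "$IPT" -D $RULE; done
}

# Kernel-level alternative, persisted in sysctl.d rather than a cron @reboot.
# Keep both mechanisms in agreement: the sysctl silences replies even after
# the iptables rule is gone, which is confusing when troubleshooting.
ping_sysctl() {
    printf 'net.ipv4.icmp_echo_ignore_all=%s\n' "$1" > /etc/sysctl.d/90-ping.conf
    sysctl -p /etc/sysctl.d/90-ping.conf
}

# usage (as root): sh ping-control.sh block|unblock|status
case "${1:-}" in
    block)   ping_block ;;
    unblock) ping_unblock ;;
    status)  if ping_blocked; then echo "ping blocked"; else echo "ping allowed"; fi ;;
esac
```

Rules inserted this way are not persistent; on a CentOS 7 iptables-services host save them with `service iptables save`, and on a firewalld host use `--add-icmp-block=echo-request --permanent` instead, since firewalld will overwrite raw iptables rules on its next reload.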



This article will guide you on how to list and delete iptables PREROUTING chain NAT rules on your Linux system. The -D or --delete option deletes one or more rules from the selected chain. There are two versions of this command: the rule can be specified by its number in the chain or by a rule specification to match. To delete by specification, run the iptables command with the -D option followed by the exact rule specification; to delete by number, list the chain with --line-numbers first, and remember that the remaining rules are renumbered after every deletion.
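Deleting by number is where people get burned, so here is an added example (not from the original article) of doing it safely: the matching rule numbers are taken from a --line-numbers listing and deleted highest first, because numbers shift down after each deletion and an ascending loop would skip rules or remove the wrong ones. sample_nat_listing is constructed output of iptables -t nat -L PREROUTING -n --line-numbers, and $IPT is a hypothetical hook.

```shell
#!/bin/sh
# Added example (not from the article): delete every PREROUTING NAT rule that
# matches a pattern, by number, highest number first. Rule numbers shift down
# after each deletion, so deleting in ascending order would skip rules or
# remove the wrong ones. sample_nat_listing is constructed output of
# "iptables -t nat -L PREROUTING -n --line-numbers".
IPT="${IPT:-iptables}"

# Read the listing on stdin and print the numbers of rules whose line matches
# the regex $1, descending. The first two lines are the chain header and the
# column names, not rules.
nat_rule_numbers() {
    awk -v pat="$1" 'NR > 2 && $0 ~ pat { print $1 }' | sort -rn
}

# Delete the matching rules (run as root). Always review the numbers from
# nat_rule_numbers against the listing before calling this.
nat_delete_matching() {
    "$IPT" -t nat -L PREROUTING -n --line-numbers | nat_rule_numbers "$1" |
    while read -r n; do
        "$IPT" -t nat -D PREROUTING "$n" || exit 1
    done
}

# Constructed sample listing.
sample_nat_listing() {
    cat <<'EOF'
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:10.0.0.5:8080
2    DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443 to:10.0.0.5:8443
3    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80 redir ports 3128
4    DNAT       udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53 to:10.0.0.9:53
EOF
}
```

In the sample, the pattern `dpt:80( |$)` selects rules 1 and 3 and prints 3 before 1; deleting 1 first would turn the old rule 3 into rule 2 and the loop would then delete the HTTPS DNAT instead. Deleting by full specification (`-D PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.5:8080`) avoids the numbering problem but removes only one exact match per call.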



This article will guide you on the steps to install the OpenSSH server (sshd) and clients on CentOS Linux using the yum command. The ssh command provides a secure encrypted connection between two hosts over an insecure network. This connection can also be used for terminal access, file transfers, and for tunneling other applications. Graphical X11 applications can also be run securely over SSH from a remote location.



This article will guide you on how to set up an OpenVPN server on Debian Linux 10 server.



In this article, you will learn how to set up an OpenVPN server on CentOS 8 Linux server.



In this article, you will learn how to install Squid and steps to configure the Squid Proxy port and adjusting the access control list.



This article will show you how to install and configure an NFS server on a CentOS 8 machine. It takes you through the steps to create files on both the NFS server and client and lets you share files efficiently between two or more systems.



Here is a complete guide on how to configure the DNS caching-only server on CentOS 8.




More Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on IbmiMedia.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com