homelab/active/software_firewalld/firewalld.md

Firewalld

Notes

# Add a port
firewall-cmd --permanent --add-port=22/tcp

# List active zones
firewall-cmd --get-active-zones

# Set default zone
firewall-cmd --set-default-zone=drop

# Set zone for a specific subnet
firewall-cmd --permanent --zone=drop --add-source=10.244.0.0/16

# Get info about service
firewall-cmd --info-service=samba

# Get zone information
firewall-cmd --info-zone=drop

Inspecting Zones

# List all active rules
firewall-cmd --list-all

# Log all denies
firewall-cmd --set-log-denied=all