Introduction
As a system administrator, managing firewall settings is a critical task for securing your server. On Red Hat Enterprise Linux (RHEL), firewalld is the default firewall management tool, and it is configured using the firewall-cmd command-line utility. In this challenge, you will practice using firewall-cmd to configure firewall rules to control network traffic.
Configure the Firewall
Your task is to modify the active firewall rules to allow web traffic. The firewalld service is already running in your environment. You will need to add rules for standard web traffic ports and ensure these changes are permanent.
Tasks
- Task 1: Check the current status of the firewalld service to ensure it is running.
- Task 2: Add permanent firewall rules to allow http (port 80) and https (port 443) services.
- Task 3: Reload the firewall configuration to apply the permanent changes to the runtime configuration.
- Task 4: Verify that the http and https services are listed in the active firewall rules.
Requirements
- All firewall modifications must be performed using the firewall-cmd command.
- The rules for http and https must be added to the permanent configuration to survive reloads.
- After reloading, the active configuration must show that http and https services are allowed.
Example
After you have successfully completed all tasks, the output of sudo firewall-cmd --list-all should include http and https in the services list, similar to the example below. Other details may vary.
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0 eth1
sources:
services: cockpit dhcpv6-client http https ssh
ports:
protocols:
forward: yes
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Hints
- Use sudo firewall-cmd --state to check if the firewall is running. If the firewall is not running, you can start it by running sudo systemctl start firewalld.
- To make a rule permanent, use the --permanent flag.
- Permanent rules are not applied to the running configuration until you reload the firewall using sudo firewall-cmd --reload.
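The runtime/permanent split described in the hints, as an added example that is not part of the original challenge: the functions below compare the two service lists and report what a reload would change. The function names and sample lists are constructed for illustration; live_check assumes sudo access on a host running firewalld.

```bash
#!/usr/bin/env bash
# Added example (not from the challenge): report drift between firewalld's
# runtime and permanent service lists. Function names are hypothetical.

# only_in A B: print the words in list A that are absent from list B.
only_in() {
    local out="" w
    for w in $1; do
        case " $2 " in
            *" $w "*) ;;
            *) out="${out:+$out }$w" ;;
        esac
    done
    printf '%s' "$out"
}

# drift_report RUNTIME PERMANENT: say what a reload would change.
drift_report() {
    local pending lost
    pending=$(only_in "$2" "$1")  # permanent only: inactive until --reload
    lost=$(only_in "$1" "$2")     # runtime only: dropped by --reload
    if [ -n "$pending" ]; then echo "pending-reload: $pending"; fi
    if [ -n "$lost" ]; then echo "lost-on-reload: $lost"; fi
    if [ -z "$pending$lost" ]; then echo "in-sync"; fi
}

# require_services RUNTIME svc...: fail unless every svc is active at runtime.
require_services() {
    local runtime="$1" missing
    shift
    missing=$(only_in "$*" "$runtime")
    if [ -n "$missing" ]; then echo "not active: $missing" >&2; return 1; fi
}

# On a host running firewalld (assumes sudo; not called in this example).
live_check() {
    drift_report "$(sudo firewall-cmd --list-services)" \
                 "$(sudo firewall-cmd --permanent --list-services)"
}

# Constructed sample: after --permanent --add-service, before --reload.
runtime="cockpit dhcpv6-client ssh"
permanent="cockpit dhcpv6-client http https ssh"
drift_report "$runtime" "$permanent"
drift_report "$permanent" "$permanent"
require_services "$permanent" http https && echo "http and https active"
```

A "lost-on-reload" line flags a service that was opened at runtime only, which is worth reviewing before the next reload or reboot silently closes it.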
Summary
In this challenge, you have learned how to manage firewall rules on a Red Hat Enterprise Linux system using firewall-cmd. You practiced checking the firewall status, adding permanent service rules, reloading the firewall to apply changes, and verifying the active configuration. These are fundamental skills for any system administrator responsible for network security.



