CentOS Stream 9: Firewall

By Fajar Vicky
step-1

Configure Firewall and SELinux

To Configure Firewall and SELinux on CentOS Stream Server, Configure like follows.

Initial Settings Firewall

Step [1] It's possible to display FireWall Service Status like follows. (enabled by default) 


[root@bizantum ~]# systemctl status firewalld
*  firewalld.service - firewalld - dynamic firewall daemon
     Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor>
     Active: active (running) since Fri 2021-11-25 20:29:20 JST; 5min ago
       Docs: man:firewalld(1)
   Main PID: 710 (firewalld)
      Tasks: 2 (limit: 4419)
     Memory: 41.6M
        CPU: 427ms
     CGroup: /system.slice/firewalld.service
             +- 710 /usr/bin/python3 -s /usr/sbin/firewalld --nofork --nopid

# [Active: active (running) ***] means firewalld is running now

Step [2] If you use FireWall service, it needs to modify FireWall settings manually because incoming requests for services are mostly not allowed by default. Refer to here for basic Firewall operation and settings. Configuration examples of CentOS Stream 9 on this site are based on the environment Firewalld service is always enabled.

Step [3] If you don't need FireWall service because of some reasons like that some FireWall Machines are running in your Local Netowrk or others, it's possible to stop and disable FireWall service on CentOS Stream server like follows.


# stop service
[root@bizantum ~]# systemctl stop firewalld
# disable service
[root@bizantum ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

Initial Settings SELinux

Step [4] It's possible to display current SELinux (Security-Enhanced Linux) Status like follows. (enabled by default)


[root@bizantum ~]# getenforce
Enforcing     # SELinux is enabled

Step [5] If you enable SELinux, there are cases to modify SELinux policies manually because sometimes SELinux stops applications. Refer to here for basic SELinux operation and settings. Configuration examples of CentOS Stream 9 on this site are based on the environment SELinux is always Enforcing.


[root@bizantum ~]# useradd centos
[root@bizantum ~]# passwd centos
Changing password for user centos.
New UNIX password:              # input any password you'd like to set
Retype new UNIX password:       # confirm
passwd: all authentication tokens updated successfully.

Step [6] If you don't need SELinux feature because of some reasons like that your server is running only in Local safety Network or others, it's possible to disable SELinux like follows.


# disable SELinux
[root@bizantum ~]# grubby --update-kernel ALL --args selinux=0
# apply changes to restart computer
[root@bizantum ~]# reboot
# if falling back to enable, run like follows
[root@bizantum ~]# grubby --update-kernel ALL --remove-args selinux

Comments

Post a Comment

Thank you for your comment! We appreciate your feedback, feel free to check out more of our articles.
Best regards, Bizantum Blog Team.

Popular posts from this blog

What is Random Access Memory (RAM)?

What is Random Access Memory (RAM)?

Random Access Memory (RAM) is one of the essential components in computer hardware. RAM is responsible for storing and retrieving data quickly, which is why it is often referred to as the "working memory" of a computer. This memory allows the computer to perform various tasks efficiently by providing temporary space for data and instructions that are being processed by the processor. In this article, we will take a closer look at what RAM is, how it works, and why it is important for the overall performance of a computer system.
Continue reading
By Fajar Vicky
Top SEO Tools for Digital Marketing: A Comprehensive Guide

Top SEO Tools for Digital Marketing: A Comprehensive Guide

Introduction In today's digital landscape, search engine optimization (SEO) is a critical component for any business looking to enhance its online presence and drive organic traffic. With the myriad of SEO tools available, navigating the digital marketing space can seem daunting. To streamline your efforts and achieve optimal results, it's essential to leverage the right tools that cater to your specific needs.
Continue reading
By Fajar Vicky
What does a data analyst do?

What does a data analyst do?

Did you know that 2.5 quintillion bytes of data are created every day? That’s equivalent to 250,000 Libraries of Congress, or 5 million laptops! In this ocean of data, how do we make sense of it all? That’s where data analysts come in. Data analysts are the detectives of the digital world, using their skills and tools to uncover patterns, trends, and insights from data. They help businesses and organizations make informed decisions, solve problems, and seize opportunities. Whether it’s predicting customer behavior, optimizing marketing campaigns, improving healthcare outcomes, or enhancing educational experiences, data analysts play a crucial role in shaping our world.
Continue reading
By
What is DOS?

What is DOS?

Have you ever wondered how your computer knows what to do? The answer lies in the operating system, or OS. One of the oldest and most influential operating systems is DOS, or Disk Operating System. DOS is like a command center that tells the computer what to do and how to do it. Unlike modern operating systems, DOS uses text-based commands instead of graphical user interfaces. While it may seem simple and primitive, DOS is also fast, powerful, and flexible. However, it also has its drawbacks, such as its complexity and obsolescence. In this article, we will explore the fascinating world of DOS.
Continue reading
By
How To Get Started With No-Code and Low-Code

How To Get Started With No-Code and Low-Code

Imagine your boss asks you to develop custom software for your company. But you and your team don’t have the time or experience in coding. And there’s no developer available at the moment as well. Panicking? Well, don’t. With low code/no code programming, you don’t have to be a developer to do any programming-related task. In recent years, many platforms have made it possible for programmers with little to no development experience to deliver software while meeting the needs of professional developers under time pressure. Without worrying about the specifics of underlying operating systems or scalability needs,
Continue reading
By
What is Github?

What is Github?

GitHub is a powerful and widely-used web-based platform designed for version control and collaboration , especially for developers. Built upon Git, it allows users to store, manage, and track their code projects efficiently. Beyond its repository-hosting capabilities, GitHub fosters teamwork by enabling developers to work together seamlessly, review changes, and contribute to open-source projects from anywhere in the world. Whether you're a seasoned programmer or a beginner, GitHub provides essential tools to streamline coding and project management in one centralized platform. But what exactly is it? In this article, we’ll break down everything you need to know about this essential tool for collaborative coding.
Continue reading
By