Home / Security / How to manage Fedora’s firewall without using the command line

How to manage Fedora’s firewall without using the command line

angry penguin

Raimund Linke/Getty Images

Over the past few years, I’ve changed my mind about the Fedora Linux distribution. For a long time, I regarded it as an operating system that was meant for people who already knew the ins and outs of Linux. But because of the hard work that’s been put in by the Fedora team, this distribution is now user-friendly — and that shift explains my change of heart.

But there’s one thing that I wouldn’t wish upon any new Linux user — the management of the firewall. Sure, Fedora’s ‘firewalld’ command line tool isn’t all that hard to use, but Linux users shouldn’t have to bother with the command line. And given how important cybersecurity has become, it’s important to not ignore the firewall on a computer — even if it runs Linux.

Also: The best VPN services (and how to choose the right one for you)

But what does a firewall do? Essentially, a firewall offers protection against unwanted attacks by blocking access to ports and services. Not only that, but firewalls can prevent unwanted traffic from getting out of your computer. This latter issue could be essential if your computer is compromised with a virus that attempts to infect other computers by sending out infected packets. 

When a firewall is enabled, it allows users to define what traffic is allowed in and out and what is not. The best way to approach a firewall is to deny all traffic in and out and then allow only specific traffic. For example, you could block all traffic in and out but allow web traffic in (if you’re running a web server). Or you could allow secure shell traffic in and even specify what IP addresses are given access.

Also: 6 simple cybersecurity rules to live by

Fortunately, there’s a handy GUI application that can be installed that prevents users from having to dive into the command line to manage Fedora’s firewall. 

Before we get started, I want to mention that this GUI can be a bit intimidating at first. But once you understand the basics, you’ll be able to manage the firewall without getting overwhelmed. Let’s dig in.

How to install the Firewall GUI

What you’ll need: You’ll only need three things for this task: a running instance of Fedora Linux, a user with sudo privileges, and a network connection. 

The first thing to do is open GNOME software (assuming you’re running Fedora with the default desktop environment). Once the app is open, search for firewall. You should see an entry named, simply, Firewall. Click install and, when prompted, type your sudo password.

The Firewall entry in GNOME Software.

Installing the Firewall GUI is as simple as a click of the mouse.

Jack Wallen/ZDNET

Now that the GUI is installed, you should find an icon for it in your Application Overview (or desktop menu). Click that entry and, when prompted, type your sudo password. The GUI will open and you’ll immediately think, “This is over my head.” Don’t panic.

Getting to know the Firewall GUI

The first thing you will need to know is that the GUI states near the bottom left corner, “Connection to firewalld established.” That means everything is working as it should.

Also: Two tricks that make using the Linux command line a lot easier

The next bit of information you need relates to the Configuration dropdown, which is near the top of the window. If you click that dropdown, you’ll see two options: Runtime, and Permanent. 

The difference is simple: Runtime means you’re configuring the firewall as it’s currently running and those changes will be lost when you reboot the machine. Permanent is exactly how it sounds — any changes you make will remain, even after a reboot.

The first thing you’ll do is switch the Configuration option to Permanent. Click the Configuration dropdown and select Permanent.

The Firewall GUI Configuration drop-down.

You can always use the Runtime option for testing and, once you know something works, switch to Permanent.

Jack Wallen/ZDNET

Next, we’re going to change the Default Zone. Essentially, each zone has an associated policy of trust. To simplify this, we’re going to go with the Home zone. To change the zone, click Options > Change Default Zone. From the popup, click home, and then OK.

The default Zone selector.

You can read up on what each zone does, but for our purposes, we’re keeping it simple.

Jack Wallen/ZDNET

Let’s say you’ve created a Samba share on your machine and you want to allow people to access it. For that process, you’ll need to enable certain services. Make sure the Zones tab is selected from the primary toolbar and then click the Services tab in the secondary. 

Also: The best Linux laptops for consumers and developers

Also make sure to select the Home zone in the middle panel and then, from the list of services, make sure to check the box for Samba. This step will automatically open the necessary ports for the Samba service (so you don’t have to bother looking up what ports need to be opened). 

The Firewall GUI main window.

Make sure to select the Samba service to open the required ports.

Jack Wallen/ZDNET

Once you’ve taken care of this step, click Options > Reload Firewall, and the changes will be applied. Because we’re working with the Permanent configuration, those changes will remain, even after a boot.

And that’s how you can manipulate the firewall on Fedora without having to use the command line. Although not as straightforward to use as the Ubuntu firewall GUI, you can manage the Fedora firewall without too much frustration, so long as you only use what you need.


Source link

About admin

Check Also

This botched migration shows why you need to deal with legacy tech

aire images/Getty Images While working on a piece about the talent crunch in cybersecurity, I ...

Leave a Reply

Your email address will not be published. Required fields are marked *