Confirm Firewall Configuration in RHEL 8
I’m fascinated by the improvements and new features in RHEL 8, plus it’s a primary distro used in most corporate environments – so expect quite a number of posts related to it in the near future.
The default interface for managing firewalls in RHEL 8 is firewalld, and specifically the firewall-cmd command.
Show Active Zones in RHEL 8
There’s a concept of zones – security domains – in RHEL 8 firewalls. You assign each of the available network interfaces on your Red Hat Enterprise Linux system to one or more of these domains.
That’s why the first step is to confirm these zones, to see which ones are actively managing access for each network device:
root@rhel8:~ # firewall-cmd --get-active-zones
List All Rules for Firewall Zone in RHEL 8
I’m interested in the primary physical network interface – enp2s0. It belongs to the home zone as per the previous command, so that’s the zone we’ll list all the rules for:
root@rhel8:~ # firewall-cmd --list-all --zone=home
home (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp2s0
  sources:
  services: cockpit dhcpv6-client mdns samba-client ssh
  ports: 5901/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
From the output above, I have highlighted additionally enabled ports – 5901 is the one for the VNC client that allows me to access a graphics desktop session on my RHEL 8 PC remotely.
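To turn this manual check into a repeatable one, the added example below (not part of the original post) parses a zone listing and reports every service and port that is not on an approved baseline. The baseline values and the function names are assumptions made for illustration; the sample input is the home zone listing shown above.

```shell
APPROVED_SERVICES="cockpit dhcpv6-client ssh"  # hypothetical baseline (assumption)
APPROVED_PORTS=""                              # hypothetical: no raw ports approved

# Constructed sample input: the "home" zone listing shown on this page.
sample_zone_output() {
cat <<'EOF'
home (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp2s0
  sources:
  services: cockpit dhcpv6-client mdns samba-client ssh
  ports: 5901/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
EOF
}

# zone_field KEY: print the values of the "KEY: values" line read from stdin.
# Anchoring at the line start keeps "ports" from matching "forward-ports".
zone_field() {
    awk -v key="$1" '{ line = $0; sub(/^[ \t]+/, "", line) }
        index(line, key ":") == 1 {
            sub(/^[^:]*:[ \t]*/, "", line); sub(/[ \t]+$/, "", line); print line }'
}

# unapproved FOUND APPROVED: print each item of FOUND that is not in APPROVED.
unapproved() {
    for item in $1; do
        case " $2 " in *" $item "*) ;; *) printf '%s\n' "$item" ;; esac
    done
}

# audit_zone: read a listing on stdin, print findings, return 1 if there are any.
audit_zone() {
    listing=$(cat)
    findings=$(
        unapproved "$(printf '%s\n' "$listing" | zone_field services)" "$APPROVED_SERVICES" | sed 's/^/service /'
        unapproved "$(printf '%s\n' "$listing" | zone_field ports)" "$APPROVED_PORTS" | sed 's/^/port /'
    )
    [ -z "$findings" ] || { printf '%s\n' "$findings"; return 1; }
}

# On a live host: firewall-cmd --list-all --zone=home | audit_zone
sample_zone_output | audit_zone || echo "unapproved entries found"
```

With this baseline the sample listing yields three findings: the mdns and samba-client services and port 5901/tcp.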
That’s it for today! Thanks for stopping by and talk soon!