CentOS Firewall Administration | utility system-config-firewall

Preliminary preparation

Use the system-config- tool, which will take the place of the present FirewallD, to configure the firewall on .

To do this, remove FirewallD from the OS autoload sector:

sudo systemctl stop firewalld.service

sudo systemctl disable firewalld.service

Now install the utility for further configuration:

sudo yum install system-config-firewall-tui

Firewall Configuration

After installation, run the initial setup:

sudo system-config-firewall-tui

A menu will appear on the screen to select further actions:

First, turn on the firewall mode, and then select the “Settings” item.

At the second step, we select from the list of services that are granted to the external network:

In our example, we enable and FTP. We press “Forward”.

The next paragraph suggests adding additional ports that are not standard:

The first point adds the port “from scratch”, i.e. The user sets the parameters himself. The second is for editing existing ones, and the third one removes the port from the list.

, let’s create port 8080 for the TCP protocol as follows:

The third step provides a list of network interfaces on the server platform. We mark only those items for which is necessary to provide full access to the external network:

The NAT capability for network interfaces is provided via the following menu. It is referred to as “Masquerade” in CentOS. The thing that calls for this mode is marked as follows:

Now let’s set up port forwarding. The configuration is similar to the point with the addition of new ports.

Next is ICMP filtering. The default setting does not block traffic. If you want to disable, select the item:

The last step is to create the rules. We add our own templates according to which the firewall will process traffic:

Select item one to start a new one where we will set the requirements. The current template is editable as the second action, and the selected rule is deleted as the third action. To go back to the main menu, click Close.

Now select “OK” to activate the changes made. The utility will display a warning message. If everything is correct, then we agree:

Installation completed, firewall activated.


Welcome to the world of DomainRooster, where roosters (and hens) rule the roost! We're a one-stop shop for all your entrepreneurial needs, bringing together domain names and website hosting, and all the tools you need to bring your ideas to life. With our help, you'll soar to new heights and hatch great success. Think of us as your trusty sidekick, always there to lend a wing and help you navigate the sometimes-complex world of domain names and web hosting. Our team of roosters are experts in their fields and are always on hand to answer any questions and provide guidance. So why wait? Sign up today and join the ranks of the world's greatest entrepreneurs. With DomainRooster, the sky's the limit! And remember, as the saying goes, "Successful people do what unsuccessful people are not willing to do." So don't be afraid to take that leap of faith - DomainRooster is here to help you reach for the stars. Caw on!