Debian10 Firewalld Install - ewsdocker/ewsdocker.github.io GitHub Wiki

Debian 10 + FirewallD

    November 26, 2020.

Set up FirewallD.

Note:

Do not install firewalld if you have already installed the nftables firewall. You would be running two competing firewalls, and things won't work as expected.

Note:

The current release of iptables in the buster main repository, 1.8.2-4, has a logic flaw (a.k.a. bug) that can keep the iptables-based firewall from running properly. This has been corrected in iptables 1.8.3.

The following steps are recommended as a work-around until the buster main repository version of iptables is 1.8.3 or newer.

  1. Append the buster-backports repository line to the end of the /etc/apt/sources.list file:
    echo "deb http://deb.debian.org/debian buster-backports main contrib non-free" >> /etc/apt/sources.list  
    
  2. Reload the apt repositories:
    apt-get -y update  
    
  3. Install the newer version of iptables (version 1.8.5 on 2020-10-26):
    apt-get -t buster-backports install -y iptables
    

Install and Enable firewalld

apt-get -y install firewalld  
systemctl enable firewalld.service  
systemctl start firewalld.service  

Open some ports.

firewall-cmd --zone=public --permanent --add-service=http  
firewall-cmd --zone=public --permanent --add-service=https  
firewall-cmd --zone=public --permanent --add-port=8000/tcp  
firewall-cmd --reload  

Reboot and check the firewall status:

# firewall-cmd --zone=public --list-all  

public (default, active)  
interfaces: enp0s3 enp0s8 enp0s9  
sources:  
services: http https ssh  
ports: 8000/tcp  
masquerade: no  
forward-ports:  
icmp-blocks:  
rich rules:  
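
One way to turn the status check above into a pass/fail audit, as an added example that is not part of the original wiki: the shell functions below (their names and the allowlist are illustrative assumptions) compare the `services` and `ports` lines of the listing with what you intended to open. With only the rules added on this page as the allowlist, `ssh` is reported, because the public zone allows it by default.

```shell
#!/bin/sh
# Added example (not from the wiki): audit a zone listing against an allowlist.
# Function names and the allowlist values are illustrative assumptions.

# Constructed sample input: the listing shown on this page.
SAMPLE_LISTING='public (default, active)
interfaces: enp0s3 enp0s8 enp0s9
sources:
services: http https ssh
ports: 8000/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:'

# zone_field FIELD: print each value of "FIELD:" from a listing on stdin, one per
# line. Leading whitespace is accepted because newer firewalld indents the fields.
zone_field() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" | tr -s '[:space:]' '\n' | sed '/^$/d'
}

# unexpected_entries FIELD "ALLOWED": print entries that are not in the
# space-separated allowlist.
unexpected_entries() {
    allowed=" $2 "
    zone_field "$1" | while IFS= read -r entry; do
        case "$allowed" in
            *" $entry "*) ;;                  # intended, stay quiet
            *) printf '%s\n' "$entry" ;;      # open but never requested
        esac
    done
}

# audit_zone "SERVICES" "PORTS": report extras; return 0 only if there are none.
audit_zone() {
    listing=$(cat)
    extra_services=$(printf '%s\n' "$listing" | unexpected_entries services "$1")
    extra_ports=$(printf '%s\n' "$listing" | unexpected_entries ports "$2")
    [ -z "$extra_services" ] || echo "unexpected services:" $extra_services
    [ -z "$extra_ports" ] || echo "unexpected ports:" $extra_ports
    [ -z "$extra_services$extra_ports" ]
}

# On a live host: firewall-cmd --zone=public --list-all | audit_zone "http https" "8000/tcp"
printf '%s\n' "$SAMPLE_LISTING" | audit_zone "http https" "8000/tcp" || true
```

If SSH access is intended, add `ssh` to the services allowlist so the audit passes.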