FedoraRHEL Based

How To Install FirewallD on Fedora 38

Install FirewallD on Fedora 38

In this tutorial, we will show you how to install FirewallD on Fedora 38. As a Fedora 38 user, you have access to a powerful firewall solution called FirewallD. This dynamic and efficient firewall not only provides robust protection but also offers easy configuration and management.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of FirewallD on a Fedora 38.

Benefits FirewallD

  1. Enhanced Security: FirewallD’s stateful packet filtering allows you to control inbound and outbound network traffic effectively, preventing unauthorized access and malicious activities.
  2. Easy Configuration and Management: FirewallD provides a simple and intuitive command-line interface, making it easier for both novice and experienced users to set up and manage firewall rules.
  3. Dynamic Firewall Rules: FirewallD supports runtime modifications, enabling you to dynamically add, modify, or remove rules without interrupting network connectivity.
  4. Integration with D-Bus and SELinux: FirewallD seamlessly integrates with D-Bus, allowing other applications to interact with it. It also complements the SELinux security framework, providing an additional layer of protection.


  • A server running one of the following operating systems: Fedora 38.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies for FirewallD.
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install FirewallD on Fedora 38

Step 1. Before we can install FirewallD on Fedora 38, it’s important to ensure that our system is up-to-date with the latest packages. This will ensure that we have access to the latest features and bug fixes and that we can install FirewallD without any issues:

sudo dnf update

Step 2. Installing FirewallD on Fedora 38.

Once your system is up-to-date, you can proceed with the installation of FirewallD. Execute the following command in the terminal:

sudo dnf install firewalld

This command will download and install FirewallD along with its dependencies.

After the installation is complete, start the FirewallD service and enable it to start automatically at system boot. Run the following commands:

sudo systemctl start firewalld
sudo systemctl enable firewalld

Step 3. Basic FirewallD Configuration.

  • Understanding Zones.

FirewallD uses zones to categorize network connections based on their trust level. By default, Fedora 38 includes several predefined zones, such as ‘public,’ ‘internal,’ ‘external,’ and ‘dmz.’ Each zone has its own set of rules to govern traffic.

  • Checking the Default Zone:

To view the currently active zone, execute the following command:

sudo firewall-cmd --get-default-zone

The command will display the active zone name, such as ‘public.’

  • Modifying the Default Zone:

If needed, you can change the default zone using the following command:

sudo firewall-cmd --set-default-zone=<zone>
  • Assigning Interfaces to Zones:

To allow FirewallD to control network traffic on specific interfaces, you must assign those interfaces to the appropriate zones. Use the following command:

sudo firewall-cmd --zone=<zone> --add-interface=<interface>

Replace <zone> with the desired zone name and <interface> with the network interface, you want to assign.

  • Enabling and Disabling Services:

FirewallD allows you to enable or disable specific services. For example, to enable SSH access, use the following command:

sudo firewall-cmd --zone=<zone> --add-service=ssh --permanent

Step 4. Advanced FirewallD Configuration.

  • Creating Custom Firewall Rules:

FirewallD provides flexibility in creating custom rules. You can allow or deny specific ports, protocols, or IP addresses. The following command demonstrates how to allow traffic on a specific port:

sudo firewall-cmd --zone=<zone> --add-port=<port>/tcp --permanent

Replace <zone> with the desired zone name and <port> with the port number.

  • Modifying and Removing Rules:

To modify an existing rule, use the --add-rich-rule option with the desired modifications. To remove a rule, use the --remove-rule option. Consult the FirewallD documentation for detailed syntax and examples.

Step 4. FirewallD Examples and Use Cases.

  • Example 1: Allowing SSH Access:

To allow SSH access through FirewallD, execute the following commands:

sudo firewall-cmd --zone=<zone> --add-service=ssh --permanent
sudo firewall-cmd --reload

This example enables SSH access on the specified zone and reloads the firewall to apply the changes.

  • Example 2: Blocking Specific IP Address:

To block a specific IP address, use the following command:

sudo firewall-cmd --zone=<zone> --add-rich-rule='rule family="ipv4" source address="<IP_ADDRESS>" reject' --permanent
sudo firewall-cmd --reload

Replace <zone> with the desired zone name and <IP_ADDRESS> with the IP address, you want to block. The command adds a rich rule to reject packets from the specified IP address and reloads the firewall to enforce the rule.

Step 5. Troubleshooting FirewallD Issues.

  • Checking FirewallD Status and Logs:

To check the status of firewalld, execute the following command:

sudo systemctl status firewalld
This command provides information about the service, including whether it is running or encountering any issues. Additionally, FirewallD logs are available for troubleshooting purposes.
  • Common FirewallD Problems and Solutions:
  1. Network Connectivity Issues: Ensure that FirewallD rules allow necessary traffic and that the correct zones are assigned to the interfaces.
  2. Application Access Problems: If an application is unable to connect, verify that the associated service is enabled in FirewallD and that the appropriate ports are open.
  3. Incorrect Rule Syntax: Double-check the syntax of custom rules and verify that they conform to the FirewallD requirements.
Congratulations! You have successfully installed FirewallD. Thanks for using this tutorial for installing FirewallD on your Fedora 38 system. For additional help or useful information, we recommend you check the official FirewallD website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Back to top button