RHEL BasedRocky Linux

How To Install Firewalld on Rocky Linux 9

Install Firewalld on Rocky Linux 9

In this tutorial, we will show you how to install Firewalld on Rocky Linux 9. For those of you who didn’t know, Firewalld is a firewall service daemon that provides a dynamic customizable host-based firewall with a D-Bus interface. In addition, the program offers a variety of other features that make it a valuable tool for keeping your system secure, including the ability to create custom rules and view detailed log files.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Firewalld on Rocky Linux. 9.


  • A server running one of the following operating systems: Rocky Linux 9.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install Firewalld on Rocky Linux 9

Step 1. The first step is to update your system to the latest version of the package list. To do so, run the following commands:

sudo dnf check-update
sudo dnf install dnf-utils epel-release

Step 2. Installing Firewalld on Rocky Linux 9.

By default, Firewalld is available on Rocky Linux 9 base repository. Now run the following command below to install the latest version of the Firewalld to your Rocky Linux system:

sudo dnf install firewalld

After installation, you’ll need to enable the service using systemctl. Keep in mind that enabling firewalld will cause the service to start up at boot:

sudo systemctl enable firewalld
sudo systemctl start firewalld

To confirm if the firewall is present, use the following command:

sudo firewall-cmd --version

In addition, you can install the graphical interface (GUI) for FirewallD. To begin the installation, use the following command below:

sudo dnf install firewall-config
sudo dnf install plasma-firewall-firewalld

Step 3. FirewallD Usage on Rocky Linux 9.

There are a few predefined zones, we can use with the command of Firewalld to configure various services and ports on the system. Here are those:

  • drop – Dropped all incoming connections without any reply and only allowed outgoing connections.
  • block – It is the same as the zone drop, but all incoming connections are blocked with  icmp-host- prohibited or icmp6-adm-prohibited messages.
  • public – It represents unreliable public areas.
  • external – External networks in the event that the firewall uses as the gateway. Because it is configured for NAT masquerading and internal network will remain private but accessible.
  • internal – Only accepted the selected incoming connections and it’s for the internal network.
  • DMZ – Demilitarized zone, it is publicly accessible to the internal network with limited access and accepted only selected incoming connections.
  • work – Using for work machines.
  • home – Using for home machines.
  • trusted – Accept all network connections.

By default, the public zone is the default zone after the firewall service is enabled. To list all available zones run:

firewall-cmd --get-zones

The below commands are used to change the default zone and verify.

firewall-cmd --set-default-zone=home
firewall-cmd --get-default-zone

Example of open HTTP port 80 and HTTPS port 443, and run the commands used to open temporarily:

firewall-cmd --zone=public --add-service=http
firewall-cmd --zone=public --add-service=https

Below are commands used to open permanently:

firewall-cmd --zone=public --permanent --add-service=http
firewall-cmd --zone=public --permanent --add-service=https

To implement the changes we need to reload the firewall with:

firewall-cmd --reload

Check for open ports/services:

firewall-cmd --list-all

To see the settings for particular information, such as services or ports, use a specific option. See the firewalld manual pages or get a list of the options using the command help:

firewall-cmd --help

In addition, you can launch the FirewallD GUI by accessing the following application path: Activities -> Show Applications -> Firewall:

Install FirewallD GUI

Congratulations! You have successfully installed Firewalld. Thanks for using this tutorial for installing Firewalld on your Rocky Linux 9 system. For additional help or useful information, we recommend you check the official Firewalld website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!


r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to idroot.us, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.
Back to top button