Shorewall is a firewall configuration tool for Linux systems that allows you to set up and manage a firewall using rules defined in plain text configuration files. Shorewall is available for Red Hat Enterprise Linux (RHEL) and CentOS systems.
To configure a firewall using Shorewall on a RHEL or CentOS system, follow these steps:
Install Shorewall. On a RHEL or CentOS 7 system, you can use the following command:
sudo yum install shorewall
On a RHEL or CentOS 8 system, you can use the following command:
sudo dnf install shorewall
Edit the Shorewall configuration files. Shorewall uses several configuration files to define the firewall rules. The main configuration file is /etc/shorewall/shorewall.conf, which specifies the location of the other configuration files. You can edit this file and the other configuration files to define the rules for your firewall.
Start Shorewall. Once you have edited the configuration files, start Shorewall using the following command:
sudo shorewall start
This will start the Shorewall firewall and apply the rules defined in the configuration files.
Test the firewall. You can test the firewall by attempting to access a network service that is blocked by the firewall rules. For example, if you have a rule that blocks access to port 80 (HTTP), you can try accessing a web server from a client machine. If the firewall is working correctly, the client should not be able to connect to the web server.
Enable Shorewall at boot. To make Shorewall start automatically when the system boots, you can enable it as a service. On a RHEL or CentOS 7 system, you can use the following command:
sudo systemctl enable shorewall
On a RHEL or CentOS 8 system, you can use the following command:
sudo systemctl enable --now shorewall
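As an added example (not part of the original page), the script below stages a minimal single-interface configuration of the kind the "Edit the Shorewall configuration files" step calls for, and checks it with shorewall check before anything is started. The interface name eth0, the staging directory and the function names are assumptions.

```shell
#!/bin/sh
# Added example: stage a minimal single-interface Shorewall configuration
# and validate it before it is loaded. The interface name and the staging
# directory are assumptions; adjust them for your host.

# write_min_config DIR [IFACE]: write zones, interfaces, policy and rules to DIR.
write_min_config() {
    dir=$1
    iface=${2:-eth0}
    mkdir -p "$dir" || return 1

    # zones: the firewall host itself plus one zone for everything outside it
    cat > "$dir/zones" <<EOF
#ZONE   TYPE
fw      firewall
net     ipv4
EOF

    # interfaces: bind the net zone to the external interface
    cat > "$dir/interfaces" <<EOF
?FORMAT 2
#ZONE   INTERFACE   OPTIONS
net     $iface      tcpflags,nosmurfs
EOF

    # policy: default-deny inbound, allow outbound from the host
    cat > "$dir/policy" <<EOF
#SOURCE DEST    POLICY  LOGLEVEL
\$FW     net     ACCEPT
net     all     DROP    info
all     all     REJECT  info
EOF

    # rules: exceptions to the policy; SSH stays open so a remote
    # session is not cut off when the firewall starts
    cat > "$dir/rules" <<EOF
?SECTION NEW
#ACTION         SOURCE  DEST
SSH(ACCEPT)     net     \$FW
EOF
}

# validate_config DIR: compile-check DIR without touching the running firewall.
validate_config() {
    command -v shorewall >/dev/null 2>&1 || { echo "shorewall not installed" >&2; return 2; }
    shorewall check "$1"
}
```

Copy the staged files into /etc/shorewall only after validate_config succeeds as root, then start Shorewall as described above.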