1
00:00:06,799 --> 00:00:11,655
Firewalling is about filtering incoming network traffic,
and firewalling in Linux is implemented by

2
00:00:11,655 --> 00:00:16,510
the Linux kernel, so it's at
the deepest level of the operating system.

3
00:00:17,089 --> 00:00:20,809
On Red Hat, firewalld is
used as a standard firewalling solution.

4
00:00:21,410 --> 00:00:27,120
And on Ubuntu it's ufw, the
Uncomplicated Firewall, which is the default firewall.

5
00:00:27,679 --> 00:00:31,719
They are completely different solutions, so
let's talk about both of them.

6
00:00:32,820 --> 00:00:38,289
To work with firewalld, start with firewall-cmd.
That's the main command line interface.

7
00:00:39,049 --> 00:00:43,974
To configure it, --list-all shows the
current configuration, and if you want

8
00:00:43,974 --> 00:00:48,899
to allow access to certain applications,
you can use firewalld services.

9
00:00:49,520 --> 00:00:55,075
firewall-cmd --get-services shows
the available services, and firewall-cmd

10
00:00:55,075 --> 00:01:00,630
--add-service allows you to
add a service to the firewall.

11
00:01:01,130 --> 00:01:07,849
Now, while working with firewalld, you need to know that
it makes a difference between the runtime and the persistent configuration.

12
00:01:08,689 --> 00:01:12,400
To ensure that a configuration modification
survives a reboot, you need

13
00:01:12,400 --> 00:01:16,110
to add --permanent
to all the commands.

14
00:01:16,609 --> 00:01:22,525
So firewall-cmd --add-service=http
--permanent, and use

15
00:01:22,525 --> 00:01:28,439
firewall-cmd --reload to
reload the firewall configuration.

16
00:01:29,409 --> 00:01:29,989
Let me
show you.

17
00:01:31,299 --> 00:01:38,079
So here we have firewall-cmd --list-all,
and that's showing the current configuration.

18
00:01:39,280 --> 00:01:44,173
So I want to enable
a service, let's say HTTP,

19
00:01:44,173 --> 00:01:49,066
then I would need sudo
firewall-cmd --get-services to

20
00:01:49,066 --> 00:01:53,959
get an overview of
these ready to use services.

21
00:01:55,090 --> 00:02:00,049
And somewhere in there there
is HTTP. Look, there it is.

22
00:02:00,870 --> 00:02:06,250
So I need firewall-cmd
--add-service=http

23
00:02:06,250 --> 00:02:11,629
--permanent to add it
to the persistent configuration.

24
00:02:12,370 --> 00:02:17,473
Now, adding it to the persistent configuration
doesn't change the here and now configuration.

25
00:02:17,473 --> 00:02:22,576
But if at this point we use
sudo firewall-cmd --reload, then it has become

26
00:02:22,576 --> 00:02:27,680
active at the moment and you
can start using your HTTP servers.

27
00:02:28,379 --> 00:02:33,659
And that's how you can
create basic configurations in firewalld.

28
00:02:34,900 --> 00:02:39,439
So on Ubuntu it's a different
story. We have ufw, the uncomplicated

29
00:02:39,439 --> 00:02:43,979
firewall, and it was developed
to work with an intuitive syntax.

30
00:02:45,060 --> 00:02:51,629
So you use sudo ufw enable
to enable it and then sudo ufw allow ssh

31
00:02:51,629 --> 00:02:58,199
to allow the SSH service, which
will check for details about this service

32
00:02:58,199 --> 00:03:04,769
in the file /etc/services. You
can use sudo ufw reject out ssh

33
00:03:04,770 --> 00:03:11,340
to reject outgoing SSH traffic, and
sudo ufw status gives status information.

34
00:03:11,919 --> 00:03:17,779
And if you regret rejecting the outgoing
SSH traffic, well, you delete it using delete

35
00:03:17,779 --> 00:03:23,639
reject out ssh. sudo ufw reset will reset
it in case you made a mess.

36
00:03:25,099 --> 00:03:31,310
App list will give you a list of applications and
app info will tell you what's going on in an application.

37
00:03:31,870 --> 00:03:36,225
And then we have ufw logging on,
which enables logging, which allows you to

38
00:03:36,225 --> 00:03:40,580
figure out what is going on in
your firewall. Let's do a quick demo.

39
00:03:41,759 --> 00:03:45,389
So sudo ufw
status is showing

40
00:03:45,389 --> 00:03:49,019
me what is
going on: it's giving me inactive.

41
00:03:49,599 --> 00:03:54,120
So if I want to enable
it, then enable is what I need.

42
00:03:54,900 --> 00:04:00,180
So now it's active and enabled at startup
and status is showing that it is active.

43
00:04:00,879 --> 00:04:06,686
Now I want to use sudo
ufw allow ssh and that has

44
00:04:06,686 --> 00:04:12,493
added the rule. Do we see
that in ufw status? Yeah, we

45
00:04:12,493 --> 00:04:18,300
can see that. And SSH
is now allowed from anywhere.

46
00:04:19,560 --> 00:04:25,680
And if we want to reject
the outgoing traffic, reject out ssh.

47
00:04:26,810 --> 00:04:27,009
Oops.

48
00:04:28,660 --> 00:04:34,157
And from now on we have added
the rule and you can see that

49
00:04:34,157 --> 00:04:39,655
it is adding, instead of the allow,
the reject out. So incoming SSH is

50
00:04:39,654 --> 00:04:45,152
allowed, outgoing SSH is not. And if
you regret, and I would regret it

51
00:04:45,152 --> 00:04:50,649
because this is really inconvenient, just
use delete to delete it again.

52
00:04:51,180 --> 00:04:55,199
Oh, I'm making a mistake. It's
not delete out, it's delete reject out.

53
00:04:55,740 --> 00:04:57,639
And now the
rule has been deleted.

54
00:04:58,740 --> 00:05:01,040
ufw also
works with applications.

55
00:05:01,620 --> 00:05:06,410
So ufw app list
is showing the applications.

56
00:05:06,949 --> 00:05:13,399
Why would you want to have these applications? Well,
because in the applications you can have more complex configuration.

57
00:05:14,230 --> 00:05:19,930
So app info on CUPS is showing what
is going on if you are working with

58
00:05:19,930 --> 00:05:25,629
the CUPS print server. Now, so far for
the complex information, it's not complex at all.

59
00:05:26,279 --> 00:05:30,629
But you can use app
add to add a complete application

60
00:05:30,629 --> 00:05:34,980
instead of these service based
names that we just started with.
