Network Firewall Tools on CentOS

This section provides quick descriptions on 3 major network firewall tools, 'firewalld/firewall-cmd', 'nftables/nft', and 'iptables' on CentOS 8 systems.

After connecting your CentOS system to the Internet, you need to review and revise firewall settings to protect your system.

CentOS system uses a number tools to manage the network firewall. Here are 3 major ones:

1. "firewalld" and "firewall-cmd" - A firewall daemon and a CLI (Command Line Interface) works together as a frontend tool to manage the network firewall. "firewalld" uses "nftables/iptables" as the backend engine.

2. "nftables" and "nft" - A firewall daemon and a CLI (Cammand Line Interface) works together as a backend engine for packet filtering and classification. "nftables" uses "/etc/nftables" directory to store its rules. "nftables" is installed on CentOS 8 by default to replace "iptables".

3. "iptables" - A basic administration tool for IPv4/IPv6 packet filtering and NAT (Network Address Translation) in the Linux kernel. "iptables" uses "/usr/sbin/iptables" to store its rules. "iptables" is now replaced by "nftables" on CentOS 8 systems.

Here is diagram that shows how firewalld, nftables/iptables and other tools are related to each other (source: https://firewalld.org).

CentOS Firewall Tools - firewalld and nftables/iptables
CentOS Firewall Tools - firewalld and nftables/iptables

Table of Contents

 About This Book

 Introduction to Linux Systems

 Cockpit - Web Portal for Administrator

 Process Management

 Files and Directories

 Users and Groups

 File Systems

 Block Devices and Partitions

 LVM (Logical Volume Manager)

 Installing CentOS

 SELinux - Security-Enhanced Linux

Network Connection on CentOS

 Setup Ethernet Connection on CentOS

Network Firewall Tools on CentOS

 "firewalld" and "firewall-cmd" on CentOS

 Manage Multiple Firewall Zones

 "nftables" and "nft" on CentOS

 "iptables" Command on CentOS

 "nmap" - Network Mapper on CentOS

 Monitor Network Services on CentOS

 "ifconfig" - Trace Routes to Remote Host

 "traceroute" - Trace Routes to Remote Host

 "route" - Upate Routing Table

 "netstat" - Display Network Statistics

 "lsof" - List of Open Files

 Software Package Manager on CentOS - DNF and YUM

 vsftpd - Very Secure FTP Daemon

 Postfix - Mail Transport Agent (MTA)

 Dovecot - IMAP and POP3 Server

 Email Client Tools - Mail User Agents (MUA)

 LDAP (Lightweight Directory Access Protocol)

 Administrative Tasks

 References

 Full Version in PDF/EPUB