Linux Tutorials - Herong's Tutorial Examples - v5.45, by Herong Yang
Network Firewall Tools on CentOS
This section provides quick descriptions of 3 major network firewall tools, 'firewalld/firewall-cmd', 'nftables/nft', and 'iptables', on CentOS 8 systems.
After connecting your CentOS system to the Internet, you need to review and revise firewall settings to protect your system.
A CentOS system uses a number of tools to manage the network firewall. Here are 3 major ones:
1. "firewalld" and "firewall-cmd" - A firewall daemon and a CLI (Command Line Interface) that work together as a frontend tool to manage the network firewall. "firewalld" uses "nftables/iptables" as the backend engine.
2. "nftables" and "nft" - A firewall daemon and a CLI (Command Line Interface) that work together as a backend engine for packet filtering and classification. "nftables" uses the "/etc/nftables" directory to store its rules. "nftables" is installed on CentOS 8 by default to replace "iptables".
3. "iptables" - A basic administration tool for IPv4/IPv6 packet filtering and NAT (Network Address Translation) in the Linux kernel. "iptables" uses "/usr/sbin/iptables" to store its rules. "iptables" is now replaced by "nftables" on CentOS 8 systems.
Here is a diagram that shows how firewalld, nftables/iptables and other tools are related to each other (source: https://firewalld.org).
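As an added example (not part of the original tutorial), the script below reads firewalld's main configuration file and reports which backend engine firewalld is set to drive, which tells you where its rules will actually appear when you review the firewall. The key name FirewallBackend comes from firewalld.conf; the function name firewalld_backend and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: which backend is firewalld configured to use?
# FirewallBackend is the firewalld.conf key; firewalld_backend and the
# sample file written at the bottom are constructed for illustration.

# firewalld_backend FILE
#   prints: nftables | iptables | unset | ambiguous | invalid:<value> | unreadable
firewalld_backend() {
    conf=$1
    [ -r "$conf" ] || { echo "unreadable"; return 1; }

    # Keep only uncommented "FirewallBackend=value" lines, strip CRs and
    # trailing blanks, and collapse repeats of the same value.
    values=$(sed -n 's/^[[:space:]]*FirewallBackend[[:space:]]*=[[:space:]]*//p' "$conf" |
             tr -d '\r' | sed 's/[[:space:]]*$//' | sort -u)

    # Key absent or commented out: firewalld falls back to its own default.
    [ -n "$values" ] || { echo "unset"; return 0; }

    # Two different values in one file is a misconfiguration worth flagging.
    count=$(printf '%s\n' "$values" | wc -l)
    if [ "$count" -gt 1 ]; then
        echo "ambiguous"
        return 2
    fi

    case $values in
        nftables|iptables) echo "$values" ;;
        *)                 echo "invalid:$values"; return 2 ;;
    esac
}

# Demo on a constructed sample file. On a real system, pass
# /etc/firewalld/firewalld.conf instead.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample of firewalld.conf
DefaultZone=public
#FirewallBackend=iptables
FirewallBackend=nftables
EOF
echo "configured backend: $(firewalld_backend "$sample")"
rm -f "$sample"
```

When the result is "nftables", the rules firewalld generates are visible with "nft list ruleset"; when it is "iptables", look at "iptables -S" instead.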