Linux Configure Firewall Using Shorewall Under RHEL / CentOS

To configure a firewall using Shorewall under Red Hat Enterprise Linux (RHEL) / CentOS, you can follow these steps:

  1. Install Shorewall:
yum install shorewall
  2. Start the firewall and enable it to start at boot:
systemctl start shorewall
systemctl enable shorewall
  3. Configure the firewall rules. Shorewall rules are stored in the following files:
    • /etc/shorewall/policy: contains the default policies for incoming, outgoing and forwarded traffic.
    • /etc/shorewall/rules: contains the firewall rules.
  4. Test the firewall configuration:
shorewall check
  5. If the configuration is correct, restart the firewall to apply the changes:
systemctl restart shorewall
  6. Monitor the firewall logs. The firewall logs are stored in /var/log/messages. You can monitor the logs in real time using the following command:
tail -f /var/log/messages

Note: The Shorewall configuration syntax is powerful but can be complex. It’s recommended to carefully read the documentation and examples provided with Shorewall before making any changes.
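
An added example (not from the original page or the Shorewall project) for the "Configure the firewall rules" and "Test the firewall configuration" steps: it writes a constructed single-interface configuration to a scratch directory and runs two sanity checks on the policy and rules files. The zone name net, the interface eth0, the open ports and the function names are assumptions; the zones and interfaces files are included because the policy refers to zones.

```shell
#!/bin/sh
# Added example; zone "net", interface "eth0" and the ports are assumptions.
# Usage: write_sample_config /tmp/sw && policy_has_deny_catchall /tmp/sw \
#        && rules_allow_ssh /tmp/sw && shorewall check /tmp/sw

write_sample_config() {  # $1 = directory to write the constructed files into
    mkdir -p "$1"
    cat > "$1/zones" <<'EOF'
#ZONE   TYPE
fw      firewall
net     ipv4
EOF
    cat > "$1/interfaces" <<'EOF'
?FORMAT 2
#ZONE   INTERFACE   OPTIONS
net     eth0        tcpflags,nosmurfs
EOF
    cat > "$1/policy" <<'EOF'
#SOURCE DEST    POLICY  LOGLEVEL
$FW     net     ACCEPT
net     all     DROP    info
all     all     REJECT  info
EOF
    cat > "$1/rules" <<'EOF'
#ACTION         SOURCE  DEST    PROTO   DPORT
SSH(ACCEPT)     net     $FW
ACCEPT          net     $FW     tcp     80,443
EOF
}

# The last effective policy line must be a deny-by-default catch-all.
policy_has_deny_catchall() {  # $1 = config directory
    awk 'NF && $1 !~ /^[#?]/ { s = $1; d = $2; p = $3 }
         END { sub(/:.*/, "", p)
               exit !(s == "all" && d == "all" && (p == "DROP" || p == "REJECT")) }' "$1/policy"
}

# Some rule must admit SSH to the firewall zone; otherwise new SSH sessions
# to the host are dropped once this policy is applied.
rules_allow_ssh() {  # $1 = config directory
    awk 'NF && $1 !~ /^[#?]/ && ($3 == "$FW" || $3 == "fw") {
             if ($1 ~ /^SSH\(ACCEPT\)/) ok = 1
             if ($1 == "ACCEPT" && $4 == "tcp" && ("," $5 ",") ~ /,22,/) ok = 1
         }
         END { exit !ok }' "$1/rules"
}
```

Running `shorewall check` against the scratch directory validates the files without touching /etc/shorewall; copy them into place only after both checks and the compile check pass.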
