You can protect an EC2 instance in more than one way: by setting up rules in an AWS security group, or by installing a firewall directly on the instance. Today I'm going to show you how to install firewalld on Amazon Linux 2 and set up some basic rules.
Prerequisites
- Amazon Linux 2
- sudo privileges
Install firewalld on Amazon Linux 2
Step 1. First, update the system packages.
sudo yum update
Step 2. Now, install firewalld on Amazon Linux 2.
sudo yum install firewalld
Step 3. You can check the service status with:
systemctl status firewalld
Step 4. To start the service, run:
sudo systemctl start firewalld
Step 5. SSH connections are allowed by default. To list the services that are allowed, run:
sudo firewall-cmd --permanent --list-all
Output:
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources:
  services: cockpit dhcpv6-client ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
Enable HTTP and HTTPS on firewalld
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
If you list the zone again, you should see HTTP and HTTPS among the allowed services.
sudo firewall-cmd --permanent --zone=public --list-all
Output:
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources:
  services: cockpit dhcpv6-client http https ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
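The listing above still shows cockpit and dhcpv6-client open alongside http, https and ssh. As an added example (not part of the original tutorial), this shell function reads a zone listing in that format and reports every service that is not on an allowlist. The allowlist, the function name and the sample text are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag services that are open in a firewalld zone but are not
# on an allowlist you define. Reads `firewall-cmd --list-all` text on stdin.

# Constructed sample: same shape as the zone listing shown in this tutorial.
SAMPLE_ZONE='public (active)
  target: default
  interfaces: eth0 eth1
  services: cockpit dhcpv6-client http https ssh
  ports:
  rich rules:'

# Assumption: this host is a web server, so only these should be reachable.
ALLOWED="http https ssh"

# unexpected_services ALLOWLIST < zone-listing
# Prints, space-separated, every service on the "services:" line that is
# not in ALLOWLIST. Prints an empty line when nothing extra is open.
# Exits with status 2 when the input has no "services:" line at all.
unexpected_services() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "services:" {
            out = ""
            for (i = 2; i <= NF; i++)
                if (!($i in ok)) out = (out == "" ? $i : out " " $i)
            print out
            found = 1
        }
        END { if (!found) exit 2 }
    '
}

extra=$(printf '%s\n' "$SAMPLE_ZONE" | unexpected_services "$ALLOWED")
echo "not on allowlist: ${extra:-none}"

# On a live host (not run here), feed the real listing and close each extra:
#   sudo firewall-cmd --zone=public --list-all | unexpected_services "http https ssh"
#   sudo firewall-cmd --permanent --zone=public --remove-service=cockpit
#   sudo firewall-cmd --reload
```

Check that nothing on the instance depends on a service before removing it from the zone, and keep ssh on the allowlist so you do not lock yourself out.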
Conclusion
If you need some specific services or rules to be enabled or disabled with firewalld please put a comment below.