# Firewalld

Install and setup firewalld.

Cheat sheet [https://www.liquidweb.com/kb/an-introduction-to-firewalld/](https://www.liquidweb.com/kb/an-introduction-to-firewalld/)

## Install

The install is a simple apt install...

```
apt install firewalld
```

## Add firewall rules.

!!! RELOAD AFTER ADDING YOUR RULES, USE `firewall-cmd --reload` !!!



Allow ssh, http and https...

```
firewall-cmd --zone=public --permanent --add-service=ssh
firewall-cmd --zone=public --permanent --add-service=http
firewall-cmd --zone=public --permanent --add-service=https

```

Only allow a range of IPs...

```
firewall-cmd --zone=public --permanent --add-source=192.168.1.0/24
firewall-cmd --zone=public --permanent --add-source=192.168.156.0/24
firewall-cmd --zone=public --permanent --add-source=10.0.0.0/24
```

Sipgate...

```

firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="217.10.64.0/20" port protocol="udp" port="5060" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="217.116.112.0/20" port protocol="udp" port="5060" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="212.9.32.0/19" port protocol="udp" port="5060" accept'

firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="217.10.64.0/20" port protocol="udp" port="24000-26000" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="217.116.112.0/20" port protocol="udp" port="24000-26000" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="212.9.32.0/19" port protocol="udp" port="24000-26000" accept'

```

## List rules

To list all firewall rules.

```
firewall-cmd --list-all
```

## Status / State

```
firewall-cmd --state
```