Firewalls

A firewall is a software or hardware device that monitors and filters the incoming and outgoing network traffic based on a set of rules. A firewall can help protect your computer from unauthorized access, malware, and other threats.

Windows Firewall

Windows Firewall is the built-in firewall for Windows operating systems. It allows you to block or allow specific applications, ports, and network types from accessing your computer. To configure Windows Firewall, you can use the Windows Security app or the netsh advfirewall command-line tool.

To open the Windows Security app, click on the Start menu and type "Windows Security". Then, click on "Firewall & network protection". You will see the status of Windows Firewall and the network profiles: Domain network, Private network, and Public network. Each profile has different settings for allowing or blocking incoming connections.

To change the settings for a profile, click on it and then use the toggle switch to turn on or off Windows Firewall. You can also click on "Allow an app through firewall" to add or remove applications from the list of allowed apps. Alternatively, you can click on "Advanced settings" to open the Windows Defender Firewall with Advanced Security console, where you can create more detailed rules for inbound and outbound traffic.

To use the netsh advfirewall command-line tool, you need to open a PowerShell or Command Prompt window as an administrator. Then, you can use the following syntax to manage Windows Firewall:

netsh advfirewall [firewall] command [parameters]

Some of the rule parameters are:

name="rulename" : Names the rule. The name is arbitrary and is used later to show or delete the rule.

profile=domain|private|public|any : Specifies the network profile the rule applies to.

dir=in|out : Specifies whether the rule applies to inbound or outbound traffic.

action=allow|block : Allows or blocks the traffic that matches the rule.

protocol=TCP|UDP localport=port : Matches traffic on the specified protocol and port.

program="path\to\application" : Matches traffic for the specified application.

Rules added with netsh are stored in the firewall policy and persist across reboots.

Some of the commands are:

show allprofiles state : Shows the status of Windows Firewall for every profile.

show privateprofile : Lists the settings for the Private profile (domainprofile and publicprofile work the same way).

firewall add rule : Creates a rule from the parameters above.

firewall delete rule name="rulename" : Deletes the named rule.

firewall show rule name=all : Lists all the rules.

For example, to allow incoming traffic on port 80 (HTTP) for the Public network profile, you can use this command:

netsh advfirewall firewall add rule name="Allow-HTTP-In" dir=in action=allow protocol=TCP localport=80 profile=public

To see all the settings for the Private network profile, you can use this command:

netsh advfirewall show privateprofile

For more information about Windows Firewall, you can refer to this source:

https://support.microsoft.com/en-us/windows/turn-microsoft-defender-firewall-on-or-off-ec0844f7-aebd-0583-67fe-601ecf5d774f

macOS Firewall

macOS Firewall is the built-in firewall for macOS operating systems. It allows you to block or allow incoming connections from specific applications, services, or networks. To configure macOS Firewall, you can use the System Preferences app or the socketfilterfw command-line tool.

To open the System Preferences app, click on the Apple menu and select "System Preferences". Then, click on "Security & Privacy". Next, click on the "Firewall" tab. You will see the status of macOS Firewall and a lock icon at the bottom left corner. Click on the lock icon and enter your password to make changes on this screen. Then, click on "Turn On Firewall" or "Turn Off Firewall" to enable or disable macOS Firewall. You can also click on "Firewall Options" to open a window where you can add or remove applications from the list of allowed apps, enable stealth mode, or restore firewalls to default settings.

To use the socketfilterfw command-line tool, open a Terminal window and run the commands with sudo, entering your password when prompted. You can use the following syntax to manage macOS Firewall:

sudo /usr/libexec/ApplicationFirewall/socketfilterfw [options] [arguments]

Some of the options are:

--setglobalstate on|off : Turns on or off macOS Firewall.

--setloggingmode on|off : Turns on or off logging for macOS Firewall.

--setstealthmode on|off : Turns on or off stealth mode for macOS Firewall.

--add path/to/application : Adds an application to the list of allowed apps.

--remove path/to/application : Removes an application from the list of allowed apps.

Some of the arguments are:

--getglobalstate : Shows the status of macOS Firewall.

--getloggingmode : Shows the logging mode of macOS Firewall.

--getstealthmode : Shows the stealth mode of macOS Firewall.

--listapps : Lists all the applications in the list of allowed apps.

For example, to turn on macOS Firewall and enable stealth mode, you can use these commands:

sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on

To see the status of macOS Firewall and the list of allowed apps, you can use these commands:

sudo /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate

sudo /usr/libexec/ApplicationFirewall/socketfilterfw --listapps

For more information about macOS Firewall, you can refer to these sources:

https://support.apple.com/guide/mac-help/change-firewall-settings-on-mac-mh11783/mac

https://www.macinstruct.com/tutorials/how-to-configure-your-macs-firewall/

https://appletoolbox.com/mac-firewall-what-is-it-do-you-need-it-how-to-use-it/

Linux Firewall

Linux Firewall is the generic term for the various firewall solutions available for Linux operating systems. One of the most popular and widely used firewall solutions is firewalld, which is the default firewall for many Linux distributions, such as Red Hat Enterprise Linux, Fedora, CentOS, and others. Firewalld allows you to manage your firewall using zones, services, ports, and rich rules. To configure firewalld, you can use the firewall-cmd command-line tool or the firewall-config graphical tool.

To use the firewall-cmd command-line tool, open a Terminal window and run the commands with sudo, entering your password when prompted. You can use the following syntax to manage firewalld:

sudo firewall-cmd [options] [commands]

Some of the options are:

--zone=zonename : Specifies the zone to apply the command to. The possible values are block, dmz, drop, external, home, internal, libvirt, public, trusted, and work.

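--permanent : Makes the changes persistent across reboots. The change is written to the permanent configuration only and takes effect in the running firewall after --reload; without --permanent, a change applies immediately but is lost on reload or reboot.

--add-service=servicename : Allows incoming traffic for the specified service.

--remove-service=servicename : Removes the service from the zone's allowed list, so its incoming traffic is no longer allowed.

--add-port=port/protocol : Allows incoming traffic on the specified port and protocol.

--remove-port=port/protocol : Removes the port from the zone's allowed list, so incoming traffic on it is no longer allowed.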

Some of the commands are:

--state : Shows the status of firewalld.

--reload : Reloads the firewall configuration.

--get-zones : Lists all the available zones.

--get-default-zone : Shows the default zone.

--list-all : Lists all the settings for the specified zone.

For example, to allow incoming traffic on port 80 (HTTP) for the public zone permanently, you can use this command:

sudo firewall-cmd --zone=public --permanent --add-port=80/tcp

To see all the settings for the home zone, you can use this command:

sudo firewall-cmd --zone=home --list-all
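
Because --permanent and runtime changes are stored separately, the two configurations can drift apart. The script below is an added example, not part of firewalld: it compares the runtime and permanent --list-all output for a zone and reports ports and services that exist in only one of them. The function names and both sample listings are constructed for illustration.

```shell
# Added example. The two listings are constructed samples in the format
# printed by `firewall-cmd --zone=public --list-all`. On a live host use:
#   runtime=$(sudo firewall-cmd --zone=public --list-all)
#   permanent=$(sudo firewall-cmd --permanent --zone=public --list-all)
RUNTIME_SAMPLE='public (active)
  target: default
  services: dhcpv6-client ssh
  ports: 80/tcp 8080/tcp
  forward-ports:
  rich rules:'
PERMANENT_SAMPLE='public
  services: dhcpv6-client ssh
  ports: 80/tcp 443/tcp
  forward-ports:
  rich rules:'

# Print the values of one field ("ports" or "services"), one per line.
zone_field() {  # $1 = field name, stdin = --list-all output
    awk -v key="$1" '
        { line = $0; sub(/^[ \t]+/, "", line) }
        index(line, key ":") == 1 {
            sub(/^[^:]*:[ \t]*/, "", line)
            n = split(line, v, /[ \t]+/)
            for (i = 1; i <= n; i++) if (v[i] != "") print v[i]
        }' | sort -u
}

# Print entries of a field found in listing A but not in listing B.
only_in_first() {  # $1 = field, $2 = listing A, $3 = listing B
    a=$(printf '%s\n' "$2" | zone_field "$1")
    b=$(printf '%s\n' "$3" | zone_field "$1")
    for item in $a; do
        printf '%s\n' "$b" | grep -qxF -- "$item" || printf '%s\n' "$item"
    done
}

drift_report() {  # $1 = runtime listing, $2 = permanent listing
    for field in ports services; do
        for item in $(only_in_first "$field" "$1" "$2"); do
            echo "runtime-only $field: $item (lost on --reload or reboot)"
        done
        for item in $(only_in_first "$field" "$2" "$1"); do
            echo "permanent-only $field: $item (inactive until --reload)"
        done
    done
}

drift_report "$RUNTIME_SAMPLE" "$PERMANENT_SAMPLE"
```

A runtime-only entry is often a temporary opening that was never reviewed; a permanent-only entry means the intended policy is not yet enforced.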

To use the firewall-config graphical tool, you need to open it from your desktop environment's menu or run it from a Terminal window with sudo. Then, you will see a window where you can select a zone from a drop-down menu and add or remove services, ports, and rich rules from the list. You can also change the default zone and enable or disable masquerading and logging. You need to click on "Options" and then "Reload Firewalld" to apply your changes.

For more information about firewalld, you can refer to these sources:

https://www.redhat.com/sysadmin/firewalld-linux-firewall

https://www.redhat.com/sysadmin/beginners-guide-firewalld

https://www.hostingclues.com/configuring-a-firewall-in-linux/
