Do not know how to Setup a Firewall

If you are new to Linux or new to Sabayon Linux and just not sure where to post, here ya go. Post without fear of being told to RTFM :)

Moderator: Moderators

Post Reply
Baby Hen
Posts: 1
Joined: Sun Aug 19, 2018 18:53

Do not know how to Setup a Firewall

Post by Zyklon » Sun Aug 19, 2018 18:58


I still don't understand how to setup a Firewall.

I am completely noob not only with Sabayon but Linux in general.

Can someone spare the time and guide me through this?

User avatar
Sagely Hen
Posts: 8188
Joined: Sat Mar 10, 2007 5:40
Location: United Kingdom

Re: Do not know how to Setup a Firewall

Post by Fitzcarraldo » Tue Aug 21, 2018 23:20

The systemd firewall service (firewalld) should already be enabled by default in Sabayon Linux. For example:

Code: Select all

sabayon /home/fitzcarraldo # systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2018-08-21 22:58:35 BST; 3min 50s ago
     Docs: man:firewalld(1)
 Main PID: 2001 (firewalld)
    Tasks: 2 (limit: 4915)
   CGroup: /system.slice/firewalld.service
           └─2001 /usr/bin/python2.7 -Es /usr/lib/python-exec/python2.7/firewalld --nofork --nopid

Aug 21 22:58:29 sabayon systemd[1]: Starting firewalld - dynamic firewall daemon...
Aug 21 22:58:35 sabayon systemd[1]: Started firewalld - dynamic firewall daemon.
If you want your installation to be able to access SMB shares on other devices on your network (see e.g. ... firewalld/):

Code: Select all

sabayon /home/fitzcarraldo # firewall-cmd --list-services
dhcpv6-client ssh
sabayon /home/fitzcarraldo # firewall-cmd --add-service=samba --permanent
sabayon /home/fitzcarraldo # firewall-cmd --list-services
dhcpv6-client ssh samba
sabayon /home/fitzcarraldo # systemctl restart firewalld.service
If you are using KDE and you want to be able to use KDEConnect (see e.g.

Code: Select all

sabayon /home/fitzcarraldo # firewall-cmd --zone=public --permanent --add-port=1714-1764/tcp
sabayon /home/fitzcarraldo # firewall-cmd --zone=public --permanent --add-port=1714-1764/udp
sabayon /home/fitzcarraldo # systemctl restart firewalld.service
To find out the firewalld zone of the network interface of your machine:

Code: Select all

sabayon /home/fitzcarraldo # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:98:a4:c3 brd ff:ff:ff:ff:ff:ff
    inet brd scope global dynamic enp0s3
       valid_lft 85310sec preferred_lft 85310sec
    inet6 fe80::5d32:226:4358:48bb/64 scope link 
       valid_lft forever preferred_lft forever
3: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 6e:7b:55:14:68:d3 brd ff:ff:ff:ff:ff:ff
sabayon /home/fitzcarraldo # firewall-cmd --get-zone-of-interface=enp0s3
You can learn about the firewalld commands on the following pages:

Entering 'firewalld' etc. in a search engine will also find many articles with examples.

Post Reply