Using a Simple Firewall in CentOS 6
Server - CentOS

The firewall has changed in CentOS 6 but it still provides a simple way of setting up a firewall. The first thing to do is install the tui.

yum install -y system-config-firewall-tui


Once it is installed then you can call the firewall with this command:



The firewall configuration no longer has the SELinux settings and it will take you through a number of steps to set up the firewall. Of course you will want to enable the firewall and then select “Customize” with the tab.

CentOS 6 Firewall Configuration


Use the space key to select the services to enable. The list is greatly expanded in the version for CentOS 6. The name that is used is coming from the file /etc/services which is a system file that connects a name with the port. So if you are wondering which port is being referenced you may review that file.

CentOS 6 Firewall Configuration Trusted Services


If the service is not listed you can use the “Forward” button to take you through the process of entering the port number and protocol that you would like to list. Here is an example showing the port and protocol.

CentOS 6 Firewall Configuration Port and Protocol


Once this is entered you should be able to see it listed in the interface. This provides flexibility in firewall configuration.

CentOS 6 Firewall Configuration Other Ports


You are able to list interfaces that should be trusted. This means that the firewall will not effect these interfaces. Be careful with this setting as it is easy to make a mistake and discover it too late. It makes sense in most cases not to trust any connections.

CentOS 6 Firewall Configuration Trusted Services


If you have multiple interfaces you can add rules to forward by choosing the “Add” option.

CentOS 6 Firewall Configuration Port Forwarding


You now also have an ICMP Filter so you are able to determine if other machines can ping your server for example. Often ping and traceroute are not allowed as this is giving away information to an attacker.

CentOS 6 Firewall Configuration Port Forwarding


Finish up the firewall configuration with any custom rules you would like to add.

CentOS 6 Firewall Configuration ICMP Filter


Save and now the CentOS firewall should be active.