Kedar Pattanshetti's Blog
☑️Day 19: Exploring Networking, Firewalls, and SELinux in Red Hat in Red Hat🚀

☑️Day 19: Exploring Networking, Firewalls, and SELinux in Red Hat in Red Hat🚀

Kedar Pattanshetti's photo
Kedar Pattanshetti
·

4 min read

🔹Table of Contents :

  • ✅Introduction

    • Overview of Networking, Firewalls, and SELinux in Red Hat

  • ✅Networking in Red Hat

    • Checking Network Interfaces

    • Configuring Network Interfaces

    • Testing Network Connectivity

  • ✅Firewall Management with firewalld

    • Starting and Enabling firewalld

    • Opening Ports for Services

    • Checking Firewall Status

  • ✅SELinux: Enhancing System Security

    • Checking SELinux Status

    • Switching SELinux Modes

    • Managing SELinux Contexts

  • ✅Practical Use Cases

    • Real-World Applications of Networking, Firewall, and SELinux

  • ✅Essential Commands from Day 19

    • Networking and Security Commands Overview

  • ✅Key Takeaways

    • Summary of Networking, Firewall, and SELinux Learnings

Welcome to Day 19 of my DevOps learning journey! Today’s focus was on networking, firewalls, and SELinux (Security-Enhanced Linux) in Red Hat Enterprise Linux (RHEL). These topics are essential for securing and managing Linux servers, especially in enterprise environments.

1. Networking in Red Hat

Understanding and managing network interfaces, IP addresses, and services is critical for ensuring that servers can communicate within a network. Here’s what I learned:

  • Checking Network Interfaces:
    The ip a command helps to view all network interfaces and their IP addresses.

  •   ip a

  • Useful for identifying the server's IP addresses and network connections.

  • Configuring Network Interfaces:
    To configure a static IP address or set network settings, I practiced editing the /etc/sysconfig/network-scripts/ifcfg-eth0 file.

    • This allows administrators to manually configure the network when automatic methods (like DHCP) aren’t suitable.

  • Testing Network Connectivity:
    I used the ping command to check if the server could reach another host.

  •   ping google.com

  • A simple but essential command to test network connectivity.

2. Firewall Management with firewalld

Managing the firewall is crucial for securing Red Hat systems from unauthorized access. I practiced configuring firewalls using firewalld.

  • Starting and Enabling firewalld:
    To start and enable the firewall service:

  •   sudo systemctl start firewalld
  sudo systemctl enable firewalld

  • This ensures the firewall runs and is enabled on boot, protecting the system.

  • Opening Ports for Services:
    Using firewall-cmd, I opened specific ports for services like HTTP (port 80) and HTTPS (port 443).

  •   sudo firewall-cmd --add-port=80/tcp --permanent
  sudo firewall-cmd --reload

    This allows specific traffic to pass through the firewall, like web traffic.

  • Checking Firewall Status:
    To verify the current firewall rules and status:

  •   sudo firewall-cmd --list-all

    This lists all the open ports, services, and zones in the firewall configuration.

3. SELinux: Enhancing System Security

SELinux adds an extra layer of security to the Linux system by controlling how processes and users interact with files and resources.

  • Checking SELinux Status:
    I used the sestatus command to see whether SELinux is enabled and its mode (enforcing, permissive, or disabled).

  •   sestatus

  • Switching SELinux Modes:
    I practiced changing SELinux between enforcing (strict) and permissive (logs violations but doesn’t block them).

  •   sudo setenforce 0   # Permissive mode
  sudo setenforce 1   # Enforcing mode

  • Managing SELinux Contexts:
    SELinux uses contexts to manage which processes can access which files. I learned how to view and modify file contexts using ls -Z and chcon.

  •   ls -Z /path/to/file   # View SELinux context
  sudo chcon -t httpd_sys_content_t /var/www/html   # Change context

4. Practical Use Cases

  • Networking: Configuring network interfaces, testing connectivity, and setting static IPs are everyday tasks for managing servers in enterprise environments.

  • Firewalls: Controlling access through the firewall helps protect systems from external threats while allowing necessary traffic.

  • SELinux: Enforcing strict security policies ensures that even if a service is compromised, the damage is contained within the SELinux rules.

5. Essential Commands from Day 19

  • ip a: View network interfaces and IP addresses.

      ip a

  • ping: Test network connectivity.

      ping google.com

  • systemctl start firewalld: Start the firewall service.

      sudo systemctl start firewalld

  • firewall-cmd --add-port: Open a specific port in the firewall.

      sudo firewall-cmd --add-port=80/tcp --permanent
  sudo firewall-cmd --reload

  • sestatus: Check SELinux status.

      sestatus

  • setenforce: Switch SELinux mode between enforcing and permissive.

      sudo setenforce 0   # Permissive
  sudo setenforce 1   # Enforcing

6. Key Takeaways

  • Networking: Understanding IP addresses and configuring network settings is crucial for server management.

  • Firewall Security: Managing firewall rules ensures the server is protected from unauthorized access while allowing necessary services to function.

  • SELinux: Adding an extra security layer with SELinux is essential in enterprise environments to prevent potential security breaches.

Today’s lessons were all about securing systems and managing networks effectively. I’m excited to continue building on this foundation as I progress through my DevOps journey!

Stay tuned as I continue to dive deeper into DevOps and Red Hat in the coming days!

Happy Learning!😊

#90DaysOfDevOps

#RHEL #Linux #Security #SystemMonitoring #DevOps #TechJourney #Day19 #User Management #Automation #File Permissions

💡
Follow for more updates on LinkedIn , GitHub and Twitter(X)
DevopsDeveloperDevops articlesautomation#TWSTrainWithShubham#shubhamLondheDevOps Journey#DevopscommunityengineeringfirewallredhatLinuxlinux for beginnerslinux-basics