How to open a specified port number in Linux


Concept notes

Firewall

  A firewall is a network security device or software used to monitor and control network traffic and protect the network from malicious attacks and unauthorized access. A firewall can filter and block network traffic based on predefined rules and policies. It can check the data packets entering and leaving the network, and decide whether to allow them to pass according to the configured rules. A firewall can block malware, network attacks, and unauthorized access, increasing the security of your network.

Port number

  A port number is a number used to identify a specific application or service on a network. In network communication, a computer is identified by its IP address, and an application or service on that computer is identified by a port number. The port number is a 16-bit number ranging from 0 to 65535. Some port numbers are reserved for common services: for example, HTTP uses port 80 and HTTPS uses port 443. The purpose of the port number is to deliver each data packet to the correct application or service on the host so that network communication can proceed normally.

What they do

  • The role of the firewall is to protect the network: it filters and blocks traffic that does not comply with its rules, and prevents malware and attackers from getting into the network. Firewall rules can restrict access to specific IP addresses or port numbers, thereby improving network security.
  • The role of the port number is to identify the application or service on a host so that a data packet can be delivered to the correct target. When a computer receives a data packet, it passes the packet to the corresponding application or service according to the destination port number in the packet. Different applications or services use different port numbers to communicate, which avoids conflicts and confusion.

Classification

Classification of ports:

  • Transport layer protocol: According to the transport layer protocol used, ports can be divided into TCP ports and UDP ports. TCP (Transmission Control Protocol) ports are used for reliable, connection-oriented communication, while UDP (User Datagram Protocol) ports are used for connectionless communication.
  • Well-known port: A well-known port is a port number used by a standardized application or service; its value ranges from 0 to 1023. For example, HTTP uses port 80 and HTTPS uses port 443.
  • Registered port: A registered port is a port number used by non-standardized applications or services; its value ranges from 1024 to 49151.
  • Dynamic/private port: A dynamic port (also known as a private port) is a port number dynamically assigned to a client application by the operating system; its value ranges from 49152 to 65535.

Classification of firewalls:

  • Network layer firewall: A network layer firewall (also known as a packet filtering firewall) is the most basic type of firewall. It decides whether to let a data packet pass by checking the packet's source IP address, destination IP address, protocol type and port number.
  • Application-layer firewall: An application-layer firewall (also known as a proxy firewall) works at the application layer, enabling deep inspection and control of the communication of specific applications. It can inspect application layer protocols (such as HTTP and FTP) and filter or block them according to rules and policies.
  • Stateful inspection firewall: A stateful inspection firewall (also known as a stateful firewall) tracks and maintains the state of network connections. It can detect the establishment, termination and state changes of network connections, and filter and control traffic according to the state of the connection.
  • Next-generation firewall: A Next-Generation Firewall (NGFW) combines a traditional firewall with other security technologies, such as intrusion detection and prevention systems (IDS/IPS), virtual private networks (VPNs), and more. It provides stronger security features capable of detecting and blocking more sophisticated threats.

Operation

Firewall operations

View firewall status

systemctl status firewalld

Start the firewall

systemctl start firewalld


Stop the firewall

systemctl stop firewalld


Reload the firewall rules

firewall-cmd --reload 

If the firewall cannot be started (the unit is masked), execute first:

systemctl unmask firewalld.service  

and then execute:

systemctl start firewalld.service

Port operations

1. Open the specified port number (replace XXX with the port number; the rule is saved permanently but does not take effect until the reload in step 2)

firewall-cmd --add-port=XXX/tcp --permanent

2. Reload the firewall rules

firewall-cmd --reload 

3. Check whether the specified port number is opened successfully

firewall-cmd --query-port=XXX/tcp

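The three steps above wrapped into a small script, as an added example that is not part of the original article. It assumes a host running firewalld and root privileges for firewall-cmd; the argument is validated before anything is changed, so a typo such as "80/tpc" or "70000/tcp" is rejected instead of being passed to the firewall.

```shell
#!/bin/sh
# Added example: open one port in firewalld and verify it.
# Assumes: firewalld is running and this script runs as root.

# validate_port_spec "PORT/PROTO": return 0 only for a numeric port in
# 1..65535 followed by /tcp or /udp (the form firewall-cmd expects).
validate_port_spec() {
  spec="$1"
  case "$spec" in
    */*) ;;                       # must contain a slash
    *)   return 1 ;;
  esac
  port="${spec%%/*}"
  proto="${spec#*/}"
  case "$proto" in
    tcp|udp) ;;
    *)       return 1 ;;
  esac
  case "$port" in
    ''|*[!0-9]*) return 1 ;;      # empty or non-numeric
  esac
  [ "$port" -ge 1 ] && [ "$port" -le 65535 ]
}

# open_port "PORT/PROTO": add a permanent rule, reload so it takes
# effect, then query the running configuration to confirm it.
open_port() {
  spec="$1"
  validate_port_spec "$spec" || { echo "invalid port spec: $spec" >&2; return 2; }
  # --permanent writes the rule to disk but does not apply it yet
  firewall-cmd --permanent --add-port="$spec" >/dev/null || return 1
  # --reload applies the saved rules to the running firewall
  firewall-cmd --reload >/dev/null || return 1
  # --query-port exits 0 and prints "yes" when the port is open
  firewall-cmd --query-port="$spec"
}

# Usage: ./open_port.sh 8080/tcp
if [ -n "$1" ]; then
  open_port "$1"
fi
```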

Summary

  Firewalls protect the network by filtering and blocking network traffic to prevent malicious attacks and unauthorized access, while port numbers identify applications or services on a host so that data packets can be delivered to the correct target application or service.

Origin blog.csdn.net/weixin_45490198/article/details/132226763