Amazon Linux 2 & Firewalld

Another one for the Things To Remember category … after creating a new Amazon Linux 2 instance, it’s important to update firewalld to allow http & https traffic.

To do this, you need to use the firewall-cmd CLI command:

sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --zone=public --add-service=https --permanent
sudo firewall-cmd --reload
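
A check for the step above, as an added example that is not part of the original post: `--permanent` only changes the saved configuration until `--reload` is run, so this script compares the runtime and permanent service lists of a zone and reports which required services are missing from either. The function names and the sample service lists are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm a firewalld zone exposes the expected services
# in both the runtime and the permanent configuration.

# missing_services "<space-separated service list>" svc...
# Prints the required services that are absent from the list.
missing_services() {
    list=" $1 "
    shift
    out=""
    for svc in "$@"; do
        case "$list" in
            *" $svc "*) ;;                      # whole-word match only
            *) out="${out:+$out }$svc" ;;
        esac
    done
    printf '%s' "$out"
}

# audit_services "<runtime list>" "<permanent list>" svc...
# Returns 0 only if every required service is present in both lists.
audit_services() {
    runtime=$1; permanent=$2; shift 2
    rt_missing=$(missing_services "$runtime" "$@")
    pm_missing=$(missing_services "$permanent" "$@")
    if [ -n "$rt_missing" ]; then
        echo "runtime config missing: $rt_missing (was --reload run?)"
    fi
    if [ -n "$pm_missing" ]; then
        echo "permanent config missing: $pm_missing (rule is lost on reload)"
    fi
    [ -z "$rt_missing" ] && [ -z "$pm_missing" ]
}

if command -v firewall-cmd >/dev/null 2>&1 && firewall-cmd --state >/dev/null 2>&1; then
    # Live host: compare the public zone, as used in the commands above.
    audit_services \
        "$(firewall-cmd --zone=public --list-services)" \
        "$(firewall-cmd --permanent --zone=public --list-services)" \
        http https || true
else
    # Constructed sample: --permanent rules were added but --reload was skipped.
    audit_services "ssh dhcpv6-client" "ssh dhcpv6-client http https" http https || true
fi
```
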

6 thoughts on “Amazon Linux 2 & Firewalld”

  1. Kieron B

    Do you know if this is still relevant as of today?

    firewall-cmd doesn’t seem to be installed on Amazon Linux 2 by default, and isn’t available in the yum package manager or in amazon-linux-extras.

    1. David Post author

      It’s relevant as far as I can tell.

      firewalld is available as part of the amzn2-core repo.

      firewalld-0.4.4.4-6.amzn2.0.1.noarch : A firewall daemon with D-Bus interface
                                           : providing a dynamic firewall
      Repo        : amzn2-core
      Matched from:
      Filename    : /usr/bin/firewall-cmd
      
        1. David Post author

          Well, you don’t want it to set up rules by default.

          When you start a firewall, it should allow all traffic except what you block.
