Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


How to manage Fedora's firewall without using the command line

If you're considering a migration to Linux and the Fedora distribution, then you'll want to know how to install and use the firewall GUI. Don't worry. It's not as hard as it looks.
Written by Jack Wallen, Contributing Writer
angry penguin
Raimund Linke/Getty Images

Over the past few years, I've changed my mind about the Fedora Linux distribution. For a long time, I regarded it as an operating system that was meant for people who already knew the ins and outs of Linux. But because of the hard work that's been put in by the Fedora team, this distribution is now user-friendly -- and that shift explains my change of heart.

But there's one thing that I wouldn't wish upon any new Linux user -- the management of the firewall. Sure, Fedora's 'firewalld' command line tool isn't all that hard to use, but Linux users shouldn't have to bother with the command line. And given how important cybersecurity has become, it's important to not ignore the firewall on a computer -- even if it runs Linux.

Also: The best VPN services (and how to choose the right one for you)

But what does a firewall do? Essentially, a firewall offers protection against unwanted attacks by blocking access to ports and services. Not only that, but firewalls can prevent unwanted traffic from getting out of your computer. This latter issue could be essential if your computer is compromised with a virus that attempts to infect other computers by sending out infected packets. 

When a firewall is enabled, it allows users to define what traffic is allowed in and out and what is not. The best way to approach a firewall is to deny all traffic in and out and then allow only specific traffic. For example, you could block all traffic in and out but allow web traffic in (if you're running a web server). Or you could allow secure shell traffic in and even specify what IP addresses are given access.

Also: 6 simple cybersecurity rules to live by

Fortunately, there's a handy GUI application that can be installed that prevents users from having to dive into the command line to manage Fedora's firewall. 

Before we get started, I want to mention that this GUI can be a bit intimidating at first. But once you understand the basics, you'll be able to manage the firewall without getting overwhelmed. Let's dig in.

How to install the Firewall GUI

What you'll need: You'll only need three things for this task: a running instance of Fedora Linux, a user with sudo privileges, and a network connection. 

1. Open GNOME Software

The first thing to do is open GNOME software (assuming you're running Fedora with the default desktop environment). Once the app is open, search for firewall. You should see an entry named, simply, Firewall. Click install and, when prompted, type your sudo password.

The Firewall entry in GNOME Software.

Installing the Firewall GUI is as simple as a click of the mouse.

Jack Wallen/ZDNET

2. Open Firewall

Now that the GUI is installed, you should find an icon for it in your Application Overview (or desktop menu). Click that entry and, when prompted, type your sudo password. The GUI will open and you'll immediately think, "This is over my head." Don't panic.

Getting to know the Firewall GUI

The first thing you will need to know is that the GUI states near the bottom left corner, "Connection to firewalld established." That means everything is working as it should.

Also: Two tricks that make using the Linux command line a lot easier

The next bit of information you need relates to the Configuration dropdown, which is near the top of the window. If you click that dropdown, you'll see two options: Runtime, and Permanent. 

The difference is simple: Runtime means you're configuring the firewall as it's currently running and those changes will be lost when you reboot the machine. Permanent is exactly how it sounds -- any changes you make will remain, even after a reboot.

1. Change the Configuration type

The first thing you'll do is switch the Configuration option to Permanent. Click the Configuration dropdown and select Permanent.

The Firewall GUI Configuration drop-down.

You can always use the Runtime option for testing and, once you know something works, switch to Permanent.

Jack Wallen/ZDNET

2. Change the Default Zone

Next, we're going to change the Default Zone. Essentially, each zone has an associated policy of trust. To simplify this, we're going to go with the Home zone. To change the zone, click Options > Change Default Zone. From the popup, click home, and then OK.

The default Zone selector.

You can read up on what each zone does, but for our purposes, we're keeping it simple.

Jack Wallen/ZDNET

3. Enable the necessary services

Let's say you've created a Samba share on your machine and you want to allow people to access it. For that process, you'll need to enable certain services. Make sure the Zones tab is selected from the primary toolbar and then click the Services tab in the secondary. 

Also: The best Linux laptops for consumers and developers

Also make sure to select the Home zone in the middle panel and then, from the list of services, make sure to check the box for Samba. This step will automatically open the necessary ports for the Samba service (so you don't have to bother looking up what ports need to be opened). 

The Firewall GUI main window.

Make sure to select the Samba service to open the required ports.

Jack Wallen/ZDNET

4. Reload the firewall

Once you've taken care of this step, click Options > Reload Firewall, and the changes will be applied. Because we're working with the Permanent configuration, those changes will remain, even after a boot.

And that's how you can manipulate the firewall on Fedora without having to use the command line. Although not as straightforward to use as the Ubuntu firewall GUI, you can manage the Fedora firewall without too much frustration, so long as you only use what you need.

Editorial standards