Amazon Linux 2 & Firewalld

Another one for the Things To Remember category … after creating a new Amazon Linux 2 instance, it’s important to update firewalld to allow http & https traffic.

To do this, you need to use the firewall-cmd CLI command:

sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --zone=public --add-service=https --permanent
sudo firewall-cmd --reload

6 thoughts on “Amazon Linux 2 & Firewalld”

Mike H 12-December-2020 at 3:19 pm

What would you need http for?

Reply ↓

David Post author12-December-2020 at 3:30 pm

http to https redirection.

Reply ↓

Kieron B 13-May-2021 at 2:44 pm

Do you know if this is still relevant as of today?

firewall-cmd doesn’t seem to be installed on Amazon Linux 2 by default, and isn’t available on in the yum package manager or in amazon-linux-extras.

Reply ↓

David Post author13-May-2021 at 3:05 pm
It’s relavent as far as I can tell.

firewalld is availale as part of the amzn2-core repo.
```
firewalld-0.4.4.4-6.amzn2.0.1.noarch : A firewall daemon with D-Bus interface
                                     : providing a dynamic firewall
Repo        : amzn2-core
Matched from:
Filename    : /usr/bin/firewall-cmd
```
Reply ↓
1. Josh 21-May-2021 at 9:32 am
  
  But not installed by default and if you install it, it doesn’t setup the rules to block http/https.
  
  Reply ↓
  1. David Post author25-May-2021 at 9:53 am
    
    Well, you don’t want it to setup rules by default.
    
    When you start a firewall, it should allow all traffic except what block.
    
    Reply ↓

Geeky Ramblings

Random Ramblings of a Neo-Post-Modern Geek (I have no idea what that means)

6 thoughts on “Amazon Linux 2 & Firewalld”

Leave a Reply Cancel reply