How to Configure the FirewallD Webmin Module

The FirewallD Webmin module, not to be confused with the Firewalld application firewall, allows system administrators to manage iptables firewall rules within the Webmin dashboard instead of the command-line interface (CLI). It is much less complicated than the Linux IPTables Firewall module. The module is also somewhat similar in user experience (UX) to the official firewall-config application for Linux PCs.

Remember to create a Webmin backup or snapshot before making major changes to your server.

The FirewallD module is included natively in the base Webmin installation. It even imports your current Firewalld settings automatically. Below we’ll cover how to:

Enable the FirewallD Webmin Module

  1. SSH into your server.
  2. Ensure Firewalld is installed. The easiest method is to use Systemd:
    systemctl status firewalld
  3. If you’re installing it now, ensure you open port 10000 (for Webmin) and your SSH port (if you changed it from “22”):
    firewall-cmd --permanent --add-port=10000/tcp
    Reload Firewalld:
    firewall-cmd --reload
  4. Ensure Firewalld is running, or started:
    firewall-cmd --state
    systemctl start firewalld
  5. Log into your Webmin dashboard.
  6. On the left, search for and select FirewallD.
  7. Make necessary changes as discussed below and select Apply Configuration.
FirewallD Webmin module options
Have full control of your environment and deploy the best operating and management systems that fit your needs with our reliable Cloud VPS solutions!

Configure the FirewallD Webmin Module

You can read our Firewalld configuration guide for more information on common firewall features. Below we’ll cover important FirewallD module tasks for server hardening.

Switch Zones

Firewalld zones are rule sets you can quickly switch between for specific circumstances. Most default rule sets (e.g. trusted and work) are more applicable to securing Linux desktops than a single web server. You can configure a zone per your needs from the Show rules in zone drop-down menu. You can also set a default zone, delete zones, and add zones.

For basic usage, stick with the public zone.

Add Services for Ports

Firewalld refers to ports commonly used for a specific application as services. It’s best to search for ports as a service first for easier management in complex setups.

  1. Ensure you’re in the correct zone.
  2. Select Add allowed service.
  3. Search for the service you need to allow from the drop-down menu.
  4. Select Create.
  5. Once you’ve finished making changes, select Apply Configuration.

Open Ports

If you need to open a unique port or port range, you’ll need to use the Add Port option.

  1. Select Add allowed port.
  2. Specify the single port or port range.
  3. Select the correct protocol – TCP or UDP.
  4. Select Create.
  5. Once you’ve finished making changes, select Apply Configuration.

Disable Firewalld

If you need to disable Firewalld for troubleshooting at any point, simply select Stop FirewallD. You’ll receive the notification “Failed to list zones : FirewallD is not running.” You won’t be able to see the FirewallD module settings again until you enable Firewalld from the terminal:

systemctl start firewalld

The radio buttons to Change this option to control whether your firewall is activated at boot time or not are the GUI equivalent to the Systemd command: 

systemctl enable firewalld

Learn more about server management from our Cloud Server Hosting Product Guide.

J
Jacqueem Technical Writer

Technical writer focused on cybersecurity and musicianship.

More Articles by Jacqueem

Was this article helpful? Let us know!