How to enable or disable firewall in SLES 15

Ashok Raja T
Technology Specialist
October 6, 2018

Firewall configuration and management has changed from SuSEfirewall2 to firewalld in SLES 15. In this article, let’s look at some of the basic operations that can be performed with firewalld.

Unlike Ubuntu Server 18, all ports are blocked by default in SLES 15. The respective ports have to be explicitly opened to access key services like ssh and http from a remote machine. RHEL, CentOS and Fedora use firewalld for managing the firewall, and SLES is the new addition to that bandwagon.

The command-line client for the firewalld service is firewall-cmd. To check the status of firewalld, execute the command firewall-cmd --state with sudo in a terminal. This returns a status of “running” if the service is up and running.

To view the list of services that are managed by firewalld, execute the command “firewall-cmd --list-services”.

Now let’s see how to open the firewall for ssh via service or port. Execute the commands below in a terminal to open “ssh” for remote access.

By Service

sudo firewall-cmd --permanent --zone=public --add-service=ssh
sudo firewall-cmd --reload

Note: In the above command, --permanent is required to retain the configuration even after a restart of the machine. --reload is required to enable the changes immediately.

By Port

sudo firewall-cmd --permanent --zone=public --add-port=22/tcp
sudo firewall-cmd --reload

To enable access for a web application, port 80 or the “http” service has to be enabled. If the application is running on a port other than port 80, that port has to be opened in the firewall for the application to be accessed from an external machine.

Note: To view the list of ports that are open on a server, execute the command ss -tln in a terminal. The netstat command that is available in SLES 12 to view the list of open ports is no longer available in SLES 15.
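As an added example (not part of the original article), the script below cross-checks the two views described above: TCP ports that have a listener according to ss -tln, and TCP ports opened in firewalld with --add-port. The sample inputs are constructed and the function names are hypothetical. Ports allowed through --add-service are not resolved, so append them to the second argument if you opened ssh or http by service.

```sh
#!/bin/sh
# Cross-check listening TCP ports against TCP ports opened in firewalld.
# On a real host, feed in the output of `ss -tln` and
# `firewall-cmd --zone=public --list-ports` instead of the samples.

# Constructed sample of `ss -tln` output (not captured from a real host).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
LISTEN 0      128    0.0.0.0:8080       0.0.0.0:*
LISTEN 0      128    [::]:22            [::]:*
LISTEN 0      100    [::1]:25           [::]:*'

# Constructed sample of `firewall-cmd --zone=public --list-ports` output.
SAMPLE_FW_PORTS='22/tcp 9090/tcp'

# stdin: ss -tln output. stdout: unique ports bound to non-loopback addresses.
external_listeners() {
  awk '$1 == "LISTEN" {
         port = $4; sub(/.*:/, "", port)      # text after the last colon
         host = $4; sub(/:[^:]*$/, "", host)  # text before the last colon
         if (host ~ /^127\./ || host == "[::1]") next  # local-only listener
         print port
       }' | sort -u
}

# stdin: --list-ports output. stdout: TCP entries only (ranges kept as-is).
opened_tcp_ports() {
  tr ' ' '\n' | awk -F/ '$2 == "tcp" { print $1 }' | sort -u
}

# $1: ss output, $2: --list-ports output. Prints mismatches in both directions.
audit_ports() {
  ap_listen=$(printf '%s\n' "$1" | external_listeners)
  ap_open=$(printf '%s\n' "$2" | opened_tcp_ports)
  for p in $ap_listen; do   # listener with no matching --add-port entry
    printf '%s\n' "$ap_open" | grep -qxF "$p" || echo "listening-but-not-opened: $p"
  done
  for p in $ap_open; do     # opened port with nothing behind it (stale rule)
    printf '%s\n' "$ap_listen" | grep -qxF "$p" || echo "opened-but-no-listener: $p"
  done
}

audit_ports "$SAMPLE_SS" "$SAMPLE_FW_PORTS"
```

Ports reported as opened-but-no-listener are candidates for removal from the zone, since they widen the exposed surface without serving anything.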


Start and Stop Firewall Service

sudo systemctl stop firewalld
sudo systemctl start firewalld

Disable and Enable Firewall Service

sudo systemctl disable firewalld
sudo systemctl enable firewalld

Having a proper network configuration is a prerequisite for enabling the firewall. Refer to this article on network basics of VirtualBox if you are running SLES in Oracle VirtualBox.
