Shorewall is the default firewall application on ROSA Desktop Fresh R4, the latest edition of ROSA Desktop. See ROSA Desktop Fresh R4 KDE review.
This tutorial show how to replace it with FirewallD, a firewall application with support for network zones (also IP zones). FirewallD comes with a command line client (firewall-cmd), a graphical interface firewall-config and an applet appropriately named firewall-applet.
By default, Shorewall is disabled, but if you attempt to enable it using <strong>systemctl start shorewall</strong>, it will fail to start. And the reason systemd gives is that Shorewall lacks support for network zones. That’s why it’s important, if you intend to enable a firewall on ROSA Desktop Fresh R4 (recommended), that you replace Shorewall with FirewallD.
Note that because Shorewall is not enabled by default, you don’t necessary have to uninstall it. So to start, install FirewallD by issuing this command as root: <strong>urpmi firewall-applet</strong>. That should install all the components of FirewallD.
After installation, start the daemon with: <strong>systemctl start firewalld</strong>. Then start the applet by typing (as a standard user): <strong>firewall-applet</strong>. An icon for the applet should appear in the systray. This screenshot shows it on my test installation of ROSA Desktop Fresh R4 on real hardware.
And this one shows the main interface of firewall-config.
You may now choose a zone from the Firewall zone combo box of Plasma NM. This screenshot shows FirewallD’s built-in network zones as they are listed in the Firewall zone combo box of Plasma NM.
