This article is for those who want to learn the systemd units. The units need to work together and be started at the right time to ensure operational efficiency.
Firewalls are used to control incoming and outgoing packets, block unwanted packets from the outside and allow only certain applications to make new connections from the inside.
Thus the firewall must be running before any network is set up. The target identifying this point is network-pre.target, so we will start the firewall before network-pre.target.
network-pre.target is a passive unit, it only runs when another unit pulls it in. Here is the firewall service
Requires=network-pre.target, the target network-pre.target will be run
The firewall service is installed to be pulled in by the target
network.target, a special unit that is started during boot which indicates network functionality is available
firewall.service is the common firewall service that is enabled by default. If you want to run a firewall on a specific network interface, for example wlp3s0, run the following commands as the
systemctl stop firewall &&
systemctl start firewall@wlp &&
systemctl enable firewall@wlp
Share on Twitter Share on Facebook Share on Linked In
Can't see mail in Inbox? Check your Spam folder.