Linux Firewall Interview Questions¶

Introduction¶

These questions are written for practical Linux interviews. A strong answer explains the concept, names the command to run, and describes what output proves the system is healthy.

Beginner Questions¶

How do you start investigating this topic on a Linux server?

Start with read-only inspection and avoid changing configuration until you know the current state.

sudo firewall-cmd --state
sudo firewall-cmd --get-active-zones

What output tells you the system is healthy?

public (active)
services: cockpit dhcpv6-client ssh http

Intermediate Questions¶

What layers would you check next?

Check firewalld zone selection, runtime versus permanent rules, and listening processes. Explain the order and why each layer can cause the symptom.

sudo firewall-cmd --list-all
sudo ss -tulpn

Scenario-Based Questions¶

A production service is failing after a change. What do you do first?

Confirm the failure, inspect logs from the time of the change, validate configuration syntax, and roll back only if the fix is not clear.

sudo firewall-cmd --add-service=http --permanent

Practical Task Questions¶

Run the relevant status command, identify one abnormal line, and explain the fix. Show the service state, filesystem usage, route, firewall rule, or permission that proves your answer.

Quick Review¶

• Start with read-only inspection.
• Use logs to find the first real error.
• Validate configuration before restarting services.
• Verify the fix with command output, not assumptions.

Related Guides¶

• Linux Command Interview Questions
• Troubleshooting Interview Questions Linux
• RHCSA Interview Questions
• Linux Practical Test Questions

Summary¶

Good Linux interview answers are operational. Show the command, explain the output, name the likely cause, and describe the safest fix.