The SuSEfirewall2 package can be installed with the following command:
$ sudo zypper install SuSEfirewall2
The SuSEfirewall2 service can be enabled with the following command:
$ sudo systemctl enable SuSEfirewall2.service
Check the firewall configuration for any unnecessary or prohibited
functions, ports, protocols, and/or services by running the following
command:
# grep ^FW_ /etc/sysconfig/SuSEfirewall2
FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
Ask the System Administrator for the site or program PPSM Component Local
Services Assessment (Component Local Services Assessment (CLSA). Verify the
services allowed by the firewall match the PPSM CLSA.