Difference between revisions of "The Red Hat firewall"
Line 22: | Line 22: | ||
source address="1.2.3.4/32" \ | source address="1.2.3.4/32" \ | ||
port protocol="tcp" port="4567" accept" | port protocol="tcp" port="4567" accept" | ||
+ | Check the zone file later to inspect the XML configuration<br> | ||
+ | cat /etc/firewalld/zones/public.xml<br> |
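Review bot: The added "Check the zone file later" line is vague about when the check should happen; suggest tying it to the rich-rule command directly above, for example "After adding the rule, inspect the zone's XML configuration". The two added lines also end in a literal <br>, which the context lines above them do not; if the cat command is rendered as preformatted text, the tag ends up in the displayed command and gets copied along with the path.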
Revision as of 11:03, 12 May 2016
less /etc/sysconfig/system-config-firewall
The configuration for firewalld is stored in various XML files in /usr/lib/firewalld/ and /etc/firewalld/. This allows a great deal of flexibility as the files can be edited, written to, backed up, used as templates for other installations and so on.
systemctl status firewalld
iptables-save
service firewalld stop
service firewalld start
systemctl disable firewalld
systemctl enable firewalld
firewall-cmd
Reference - https://www.certdepot.net/rhel7-get-started-firewalld/
firewall-cmd --permanent --zone=trusted --add-source=192.168.2.0/24
firewall-cmd --reload
firewall-cmd --zone=trusted --list-sources
Note: Add the --permanent option if you only want to display permanent settings.
Example
firewall-cmd --zone=internal --add-service=ssh --permanent
firewall-cmd --zone=internal --add-source=1.2.3.4/32 --permanent
firewall-cmd --zone=public --remove-service=ssh --permanent
firewall-cmd --reload
Rich rules
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="1.2.3.4/32" port protocol="tcp" port="4567" accept'
Check the zone file later to inspect the XML configuration
cat /etc/firewalld/zones/public.xml
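The zone file can also be checked programmatically instead of by eye. The following is an added example, not part of the original wiki page: it parses a zone XML file and lists accept rich rules that carry no source address. The sample XML is constructed to match the rich rule above, and the function names are hypothetical.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample: public.xml as firewalld would write the page's rich rule,
# plus a second rule with no <source>, added here so the audit has a finding.
SAMPLE_ZONE = """<?xml version="1.0" encoding="utf-8"?>
<zone>
  <service name="dhcpv6-client"/>
  <rule family="ipv4">
    <source address="1.2.3.4/32"/>
    <port protocol="tcp" port="4567"/>
    <accept/>
  </rule>
  <rule family="ipv4">
    <port protocol="tcp" port="8080"/>
    <accept/>
  </rule>
</zone>
"""
ACTIONS = ("accept", "reject", "drop")

def audit_zone(xml_text):
    """Parse a zone file into services, zone sources and rich rules."""
    zone = ET.fromstring(xml_text.encode("utf-8"))
    rules = []
    for rule in zone.findall("rule"):
        src, port, svc = rule.find("source"), rule.find("port"), rule.find("service")
        rules.append({
            "family": rule.get("family"),
            "source": None if src is None else src.get("address"),
            "port": None if port is None else f"{port.get('port')}/{port.get('protocol')}",
            "service": None if svc is None else svc.get("name"),
            "action": next((a for a in ACTIONS if rule.find(a) is not None), None),
        })
    return {
        # findall() matches direct children only, so these are zone-level entries
        "services": [s.get("name") for s in zone.findall("service")],
        "sources": [s.get("address") for s in zone.findall("source")],
        "rich_rules": rules,
    }

def unrestricted_accepts(report):
    """Rich rules that accept traffic without a source address restriction."""
    return [r for r in report["rich_rules"] if r["action"] == "accept" and r["source"] is None]

if __name__ == "__main__":
    # Pass a path such as /etc/firewalld/zones/public.xml, or run on the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_ZONE
    report = audit_zone(text)
    print(report, "\naccept rules with no source:", unrestricted_accepts(report))
```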