Difference between revisions of "Red Hat / Centos firewall"

From MyWiki
Line 7: Line 7:
 
cat /etc/firewalld/zones/public.xml
 
cat /etc/firewalld/zones/public.xml
 
</source>
 
</source>
'''Reference - https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7'''
+
'''Reference - https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7'''<br>
 
firewall-cmd --state<br>
 
firewall-cmd --state<br>
 
sudo systemctl start firewalld.service<br>
 
sudo systemctl start firewalld.service<br>
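Review bot: the `<br>` appended to the Reference line continues the pattern already used on the `firewall-cmd --state<br>` and `sudo systemctl start firewalld.service<br>` lines, which leaves these commands outside the `</source>` block that closes just above. Consider putting the command list in its own source block and keeping the Reference line as plain text, so the commands render as code and copy without markup.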

Revision as of 11:19, 19 July 2016

Try this command to accept TCP port 4567 from a single source address:
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="1.2.3.4/32" port protocol="tcp" port="4567" accept'
Check the zone file later to inspect the XML configuration:
cat /etc/firewalld/zones/public.xml
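To go with the zone-file check above, here is an added example (not part of the original wiki page) that parses a constructed public.xml and lists what the zone accepts, flagging rich accept rules that have no source address. The sample XML, the extra ports 8080 and 5432 and the name audit_zone are assumptions for illustration; only address-based sources are handled.

```python
import xml.etree.ElementTree as ET

# Constructed sample of /etc/firewalld/zones/public.xml (not from a real host).
SAMPLE_ZONE_XML = """<?xml version="1.0" encoding="utf-8"?>
<zone>
  <service name="ssh"/>
  <port protocol="tcp" port="8080"/>
  <rule family="ipv4">
    <source address="1.2.3.4/32"/>
    <port protocol="tcp" port="4567"/>
    <accept/>
  </rule>
  <rule family="ipv4">
    <port protocol="tcp" port="5432"/>
    <accept/>
  </rule>
</zone>
"""

def audit_zone(xml_text):
    """Return (what, source, note) tuples for everything the zone lets in."""
    zone = ET.fromstring(xml_text)
    findings = []
    # Zone-level services and ports apply to any source that reaches the zone.
    for svc in zone.findall("service"):
        findings.append(("service " + svc.get("name"), "any", "open to all sources"))
    for port in zone.findall("port"):
        what = "port %s/%s" % (port.get("port"), port.get("protocol"))
        findings.append((what, "any", "open to all sources"))
    # Rich rules: only <accept/> rules open something; check for a <source>.
    for rule in zone.findall("rule"):
        if rule.find("accept") is None:
            continue
        port, svc = rule.find("port"), rule.find("service")
        if port is not None:
            what = "rule port %s/%s" % (port.get("port"), port.get("protocol"))
        elif svc is not None:
            what = "rule service " + svc.get("name")
        else:
            what = "rule (all traffic)"
        src = rule.find("source")
        addr = src.get("address") if src is not None else None
        note = "restricted by source" if addr else "accept rule without source address"
        findings.append((what, addr or "any", note))
    return findings

if __name__ == "__main__":
    for what, source, note in audit_zone(SAMPLE_ZONE_XML):
        print("%-22s %-14s %s" % (what, source, note))
```

On a real host, pass the contents of the zone file to audit_zone instead of the sample string.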

Reference - https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7
firewall-cmd --state
sudo systemctl start firewalld.service
firewall-cmd --get-default-zone
firewall-cmd --get-active-zones
firewall-cmd --list-all
firewall-cmd --get-zones
firewall-cmd --zone=home --list-all
sudo firewall-cmd --zone=home --change-interface=eth0
firewall-cmd --get-active-zones

If the firewall is completely restarted, the interface will revert to the default zone:
   sudo systemctl restart firewalld.service
   firewall-cmd --get-active-zones
Output:
public
 interfaces: eth0 eth1

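To keep the interface in a zone across restarts, set the ZONE= variable in the interface's configuration file:
sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0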
ZONE=

sudo systemctl restart network.service
sudo systemctl restart firewalld.service

sudo firewall-cmd --set-default-zone=home

Adding services
firewall-cmd --get-services
Service definitions are stored in the /usr/lib/firewalld/services directory.