ML
    • Pete.S

      Solved How to use firewall-cmd to verify that tcp 80 & 443 is open?
      IT Discussion • firewalld firewall-cmd fedora rhel centos • • Pete.S

      0 Votes • 27 Posts • 505 Views

      scottalanmiller

      @Pete-S said in How to use firewall-cmd to verify that tcp 80 & 443 is open?:

      One thing that would be nice to have, something that I've used on hardware firewalls, is a command that will simulate packets through the firewall rules to see if they will pass or not.
      I've not seen something like that for iptables/netfilter.

      Not sure about simulating, but you can always send packets at it and use iptables -v to see the counters.

    • DustinB3403

      Solved CentOS 7 enabling Telnet
      IT Discussion • telnet centos firewalld troubleshooting ydmp yealink device management • • DustinB3403

      0 Votes • 15 Posts • 2940 Views

      dbeato

      @dustinb3403 said in CentOS 7 enabling Telnet:

      And I got the port forwarding to work.

      firewall-cmd --zone=public --add-forward-port=port=9090:proto=tcp:toport=23

      I can now telnet to my server on port 9090 (which forwards to 23).

      Nice!

    • DustinB3403

      CentOS 7.5.1804 Firewalld Failure to run
      IT Discussion • firewalld firewall-cmd centos7 iptables bugzilla • • DustinB3403

      2 Votes • 4 Posts • 1197 Views

      jmoore

      @dustinb3403 ok got it, weird one

    • A

      Firewall Issue - VNC
      IT Discussion • firewall firewalld centos rhel linux vnc • • Alex Sage

      0 Votes • 15 Posts • 1310 Views

      dafyre

      Oops. 🙂

    • Lakshmana

      Open source Firewall
      IT Discussion • firewall router open source pfsense vyos linux freebsd endian smoothwall shorewall utm ip cop iptables firewalld ufw • • Lakshmana

      0 Votes • 16 Posts • 2441 Views

      Dashrender

      @Reid-Cooper said in Open source Firewall:

      pfSense was really good in the past. But I agree, the days of building your own firewall on an old PC that you have are over.

      Right - the cost just isn't worth running your old PC. Power alone will cost more than the cost of an ER-X or ER-L.

    • JaredBusch

      CentOS 7 1611 Minimal properly includes firewalld
      IT Discussion • centos centos 7 minimal 1511 1611 firewalld • • JaredBusch

      3 Votes • 11 Posts • 1644 Views

      StrongBad

      This is good. I'm sure many newbies miss the firewall currently because of 1511.

    • scottalanmiller

      Open Firewall Ports on CentOS 7 and RHEL 7
      IT Discussion • centos linux rhel centos 7 rhel 7 firewalld firewall security firewall-cmd • • scottalanmiller

      3 Votes • 12 Posts • 2457 Views

      coliver

      @stacksofplates said in Open Firewall Ports on CentOS 7 and RHEL 7:

      @coliver said in Open Firewall Ports on CentOS 7 and RHEL 7:

      @stacksofplates said in Open Firewall Ports on CentOS 7 and RHEL 7:

      @coliver said in Open Firewall Ports on CentOS 7 and RHEL 7:

      @scottalanmiller said in Open Firewall Ports on CentOS 7 and RHEL 7:

      @coliver said in Open Firewall Ports on CentOS 7 and RHEL 7:

      Did anyone ever figure out if there was a way to set up files for firewalld? Or were the XML service files the way to go?

      XML I think.

      That's what I was afraid of. We're using IPTables on all of our OEL7 servers right now but I think moving to the default firewalld may be a good idea. I'll have to look into the XML config and see how much more difficult, if at all, it is over the IPTables file. It's a shame we can't just copy a single file around anymore but the XML files probably won't be too much more difficult.

      Ya, it's not bad at all. Here's the config from my Identity Management server. It's pretty similar to /etc/sysconfig/system-config-firewall on RHEL 6, just in zone-specific XML files.

      <zone>
        <short>Public</short>
        <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
        <service name="http"/>
        <service name="https"/>
        <service name="ntp"/>
        <service name="dhcpv6-client"/>
        <service name="kerberos"/>
        <service name="ldaps"/>
        <service name="ssh"/>
        <service name="dns"/>
        <service name="ldap"/>
      </zone>

      Those services are predefined, right? You can also build your own services via the same process.

      Ya and you can define specific ports. I prob could have grabbed a better example.

      No, I think I've got it, just need to investigate actually setting these up.

    • A

      firewalld issue
      IT Discussion • linux firewall firewalld • • Alex Sage

      1 Votes • 4 Posts • 963 Views

      A

      @travisdh1 Workaround? Use iptables? Fedora? CentOS6? Ubuntu? Hm.....

    • scottalanmiller

      CentOS 7 Open Firewall Ports Range on FirewallD
      IT Discussion • centos 7 linux rhel 7 firewalld firewall-cmd firewall iptables centos rhel • • scottalanmiller

      2 Votes • 8 Posts • 18435 Views

      travisdh1

      @scottalanmiller said:

      @JaredBusch said:

      @scottalanmiller said:

      @JaredBusch said:

      @scottalanmiller said:

      @JaredBusch said:

      While I have never made a how to with a port range, the basic firewalld syntax is used all over the place on this forum by me and every system that I have ever seen that accepts a port range does so with the range hyphenated from lower boundary to upper boundary.

      I would have thought that this was a colon, though, not a hyphen.

      I have never seen it commonly used with a colon to represent a range.

      Native IPTables. 🙂

      I rarely work with native IPTables. That would explain a difference in point of view.

      Yeah, and for me I pretty much have done raw edits on /etc/sysconfig/iptables and never used external tools. Now with FirewallD I'm relearning the syntax for everything on Linux firewalls.

      Well, at least I'm not the only one then. Learning how to use firewall-cmd still feels a bit odd.