Adrian Sevcenco
2019-Dec-11 08:58 UTC
[CentOS] centos8 :: firewalld active but tables empty
Hi! I have a minimal installation of centos8 + packages for freeipa as a
vbox vm. There is something strange with the firewall rules:

[root at ldap ~]# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT

[root at ldap ~]# firewall-cmd --get-active-zones
public
  interfaces: enp0s17

[root at ldap ~]# firewall-cmd --state
running

[root at ldap ~]# firewall-cmd --zone=public --permanent --list-all
public
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: cockpit dhcpv6-client dns freeipa-ldap freeipa-ldaps http https ssh
  ports: 22/tcp 60000/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Does anyone know what is the problem or how can I fix this?
Thank you!
Adrian
> Hi! I have a minimal installation of centos8 + packages for freeipa as a
> vbox vm. there is something strange with the firewall rules :

I'm not sure but does CentOS 8 still use iptables?

Regards,
Simon
https://pkgs.org/download/libvirt

Maybe libvirt uses this. I get anything with root. Maybe you should install this. I think there is a better solution... a better program.

------- Original Message -------
On Wednesday, 11. December 2019 10:51, Simon Matter via CentOS <centos at centos.org> wrote:

> > Hi! I have a minimal installation of centos8 + packages for freeipa as a
> > vbox vm. there is something strange with the firewall rules :
>
> I'm not sure but does CentOS 8 still use iptables?
>
> Regards,
> Simon
Jonathan Billings
2019-Dec-11 13:33 UTC
[CentOS] centos8 :: firewalld active but tables empty
On Wed, Dec 11, 2019 at 10:58:36AM +0200, Adrian Sevcenco wrote:
>
> Hi! I have a minimal installation of centos8 + packages for freeipa as a
> vbox vm. there is something strange with the firewall rules :
>
> [...]
>
> Does anyone know what is the problem or how can i fix this?

Firewalld in CentOS8 uses nftables instead of iptables. Use 'nft list
ruleset' to see the rules set up by Firewalld.

--
Jonathan Billings <billings at negate.org>
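
A scripted form of the check the last reply points to, added here as an example and not written by anyone in the thread: it reads the `FirewallBackend` setting and confirms that `nft list ruleset` output really contains firewalld's tables. The function names, the constructed sample ruleset, and the assumptions that firewalld names its nftables tables `firewalld` and falls back to nftables when the setting is absent all belong to this example.

```shell
#!/bin/sh
# Added example (not from the thread). Sample data below is constructed.

# Print the backend named in a firewalld.conf-style file.
# Assumption: no FirewallBackend line means nftables, the CentOS 8 default.
firewalld_backend() {
    fw_conf="${1:-/etc/firewalld/firewalld.conf}"
    fw_backend=""
    if [ -r "$fw_conf" ]; then
        fw_backend=$(sed -n 's/^[[:space:]]*FirewallBackend[[:space:]]*=[[:space:]]*\([A-Za-z]*\).*/\1/p' "$fw_conf" | tail -n 1)
    fi
    printf '%s\n' "${fw_backend:-nftables}"
}

# Read `nft list ruleset` text on stdin, print how many firewalld tables it has.
# Assumption: the tables are called "firewalld" in the inet, ip and ip6 families.
count_firewalld_tables() {
    grep -c -E '^table (inet|ip|ip6) firewalld[[:space:]]*[{]' || true
}

# Usage on a host (as root): nft list ruleset | diagnose
# Returns 0 when the live rules are where the configured backend puts them.
diagnose() {
    fw_b=$(firewalld_backend "$1")
    if [ "$fw_b" != "nftables" ]; then
        echo "backend=$fw_b: rules are visible with 'iptables -S'"
        return 2
    fi
    fw_n=$(count_firewalld_tables)
    if [ "$fw_n" -gt 0 ]; then
        echo "OK: backend=nftables, $fw_n firewalld table(s) loaded"
        return 0
    fi
    echo "WARN: backend=nftables but the ruleset has no firewalld tables"
    return 1
}

# Constructed sample of `nft list ruleset` output (chains trimmed).
sample_ruleset() {
    cat <<'EOF'
table inet firewalld {
    chain filter_INPUT {
        type filter hook input priority 10; policy accept;
    }
}
table ip firewalld {
}
table ip6 firewalld {
}
EOF
}

sample_ruleset | diagnose /dev/null   # demo on the constructed sample
```

An empty `iptables -S` together with an `OK` result here matches the situation in the original post; a `WARN` result means firewalld reports running while nothing is loaded in the kernel.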