search for: kimberlee

...sure whether that or rich rules was preferable. -- Kimee On Sat, 2019-04-27 at 01:39 +0200, Thibaut Perrin wrote: > No, I think the rules you created might have a better place in a > custom xml file instead of being given to firewall cmd directly :) > > On Fri, 26 Apr 2019 at 23:01, Kimberlee Integer Model < > kimee.i.model at gmail.com> wrote: > > I'm not sure I follow, you just think the modified one should be > > called > > "ssh-custom", or you think there shouldn't be a modified service > > file > > at all? > > > &gt...

...e at all? -- Kimee On Fri, 2019-04-26 at 19:46 +0200, Thibaut Perrin wrote: > Hi there, > > Wouldn't that be a better solution to create a custom xml file to put > in /etc/firewalld and load that "ssh-custom" service instead ? > > Thanks > > On 26/04/2019, Kimberlee Integer Model <kimee.i.model at gmail.com> > wrote: > > Thank you, I've gone in and made the listed changes changed > > firewalld > > sections to use services instead of just port numbers. > > > > -- Kimee > > > > > > On Wed, 2019-04-2...

...(5) and firewalld.org the service XML files, can only handle source/destination/port, and cannot handle the actions to be performed. I will update where possible to use the service files, but log/accept limit will still need to be encoded in rich rules. -- Kimee On Mon, 2019-04-29 at 20:43 -0400, Kimberlee Integer Model wrote: > Ah. I understand now. I was considering roughly the same, but wasn't > sure whether that or rich rules was preferable. > > -- Kimee > > > On Sat, 2019-04-27 at 01:39 +0200, Thibaut Perrin wrote: > > No, I think the rules you created might hav...

Thank you, I've gone in and made the listed changes changed firewalld sections to use services instead of just port numbers. -- Kimee On Wed, 2019-04-24 at 17:05 -0700, Akemi Yagi wrote: > On Wed, Apr 24, 2019 at 12:13 AM Kimberlee Integer Model > <kimee.i.model at gmail.com> wrote: > > > > HI all, > > > > 1st time contributor here. I was using the guide on securing SSH, > > and > > noticed that the firewall-cmd snippets for filtering by requests > > per > > time seem...

No, I think the rules you created might have a better place in a custom xml file instead of being given to firewall cmd directly :) On Fri, 26 Apr 2019 at 23:01, Kimberlee Integer Model < kimee.i.model at gmail.com> wrote: > I'm not sure I follow, you just think the modified one should be called > "ssh-custom", or you think there shouldn't be a modified service file > at all? > > -- Kimee > > On Fri, 2019-04-26 at 19:46 +...

HI all, 1st time contributor here. I was using the guide on securing SSH, and noticed that the firewall-cmd snippets for filtering by requests per time seem somewhat outdated. From what I can tell the given snippets, relay arguments directly down to iptables, and do not cover both IPv4 and v6. (and in fact when attempting to extend to v6 the firewall would fail to reload). I came up with an

Hi there, Wouldn't that be a better solution to create a custom xml file to put in /etc/firewalld and load that "ssh-custom" service instead ? Thanks On 26/04/2019, Kimberlee Integer Model <kimee.i.model at gmail.com> wrote: > Thank you, I've gone in and made the listed changes changed firewalld > sections to use services instead of just port numbers. > > -- Kimee > > > On Wed, 2019-04-24 at 17:05 -0700, Akemi Yagi wrote: >> On Wed,...

On Wed, Apr 24, 2019 at 12:13 AM Kimberlee Integer Model <kimee.i.model at gmail.com> wrote: > > HI all, > > 1st time contributor here. I was using the guide on securing SSH, and > noticed that the firewall-cmd snippets for filtering by requests per > time seem somewhat outdated. From what I can tell the given snippe...