Displaying 20 results from an estimated 10000 matches similar to: "Firewalld IP in multiple zones"
2015 Mar 21
0
Firewalld IP in multiple zones
On Fri, Mar 20, 2015 at 10:19:13PM +0100, Tim wrote:
> I would like to know what will happen when I add 192.168.3.0/24 to
> trusted zone, but 192.168.3.1/32 to public zone.
[...]
> What's firewalld's rule? Deny before allow?
It's a little confusing, but the zones apply to _your_ interfaces, not
to external addresses. Only one zone is active at a time per interface.
--
2020 May 09
4
Transparent Squid and FirewallD : fine-tuning question
Hi,
I just set up a very basic HTTP proxy with Squid on a router running CentOS 7.
Up until early 2020 I've been using a bone-headed shell script with iptables to
configure my firewall. But I decided to follow advice from a few gurus on this
list, and I've since moved my configurations to FirewallD, which works nicely.
There's one configuration left to tackle, that's port
2016 Mar 25
2
firewalld question
Matthew Miller wrote:
>> I'm wondering if it is possible to have Centos-7 automatically change
>> firewall zones, depending on the network we connect to.
> The way to do this is changing the zone for the network in
> NetworkManager.
Are there two different ways of setting firewalld zones,
in firewalld and in NetworkManager?
Which is taken if they differ?
> (This works
2018 Dec 14
3
Firewalld and iptables
After a recent large update, firewalld's status contains
many lines of the form:
WARNING: COMMAND_FAILED: '/usr/sbin/iptables...
Checking iptables.service status shows it to be masked.
I realize that firewalld uses iptables, but should it
be enabled and started as a service?
Jon
--
Jon H. LaBadie jcu at labadie.us
11226 South Shore Rd. (703) 787-0688 (H)
2020 Jun 09
1
firewalld / iptables / nftables
Once upon a time, Jonathan Billings <billings at negate.org> said:
> 'iptables' and 'nftables' are competing technologies. In CentOS 8,
> firewalld's backend was switched from iptables to nftables. So it
> would be expected that the iptables command wouldn't have any rules
> defined, it isn't being used by firewalld.
That is partially incorrect.
2016 Mar 24
5
firewalld question
Hi all!
I'm wondering if it is possible to have Centos-7 automatically change
firewall zones, depending on the network we connect to.
my default zone is "home" and it has some ports open that probably
shouldn't be open when I'm on someone else's network.
so I'm thinking that if there's a way to have it always use home when
I'm at home, and external when
2020 Jun 09
3
firewalld / iptables / nftables
Despite that the migration of our applications comes with a significant
workload. It seems that also every aspect of common services had changed
with EL8.
In EL8 firewalld uses nftables as backend. I wonder why iptables does
not list any rules while also configured to use nftables as backend.
# iptables -V
iptables v1.8.2 (nf_tables)
# firewall-cmd --list-all |egrep -o '22|ssh'
ssh
2015 May 08
1
openvpn and firewalld
I am trying to build a new openvpn server based on CentOS7. Everything
is working fine as long as I disable firewalld. With firewalld enabled,
I can connect to the vpn and ping the machines on the network, but I am
unable to ssh to them.
What I had on my old server with iptables was two simple rules:
-A RH-Firewall-1-INPUT -s <localnet>/255.255.0.0 -d <vpnnet>/255.255.0.0
-j
2018 Dec 14
4
Firewalld and iptables
On Fri, Dec 14, 2018 at 03:14:12PM -0700, Warren Young wrote:
> On Dec 14, 2018, at 2:30 PM, Jon LaBadie <jcu at labadie.us> wrote:
> >
> > After a recent large update, firewalld's status contains
> > many lines of the form:
> >
> > WARNING: COMMAND_FAILED: '/usr/sbin/iptables...
>
> What's the rest of the command?
Well, there are about 20 of
2016 Jul 12
2
How to block routing/forwarding with firewalld
On CentOS 7 with firewalld I have a box with numerous interfaces acting
as a NAT gateway. This works but I noticed that it routes/forwards
traffic not just from my internal zone to external zone but also between
interfaces within the internal zone. How can I prevent that traffic?
I've tried adding direct and rich rules to deny the traffic but it
doesn't work. Direct:
firewall-cmd
2015 Aug 27
2
Samba AD firewalld services
On 27.08.2015 at 12:07, Rowland Penny wrote:
> Well, I don't think I will ever be able to help you with firewalld, it
> sounds like it has something to do with systemd and I will never use that
> abortion, I may have to start using freebsd.
can you please stop your systemd-trolling or at least assume something
has to do with systemd because it has a 'd' letter in the name
2015 Aug 27
1
Samba AD firewalld services
On 27.08.2015 at 13:06, Rowland Penny wrote:
> On 27/08/15 11:51, Reindl Harald wrote:
>>
>> On 27.08.2015 at 12:07, Rowland Penny wrote:
>>> Well, I don't think I will ever be able to help you with firewalld, it
>>> sounds like it has something to do with systemd and I will never use that
>>> abortion, I may have to start using freebsd.
>>
2020 Feb 13
1
NetworkManager on servers
On 13/02/2020 at 17:50, Stephen John Smoogen wrote:
> In the end, the problem is that NetworkManager, FirewallD, and other
> 'automatic' helpers are 'part' of the OS.. and while it was easy to tear
> them out in earlier versions.. as time goes on it is not.
>
> For a car analogy, it was much easier to convert any 1970 car from
> automatic back to manual as many
2018 Dec 14
0
Firewalld and iptables
On Dec 14, 2018, at 2:30 PM, Jon LaBadie <jcu at labadie.us> wrote:
>
> After a recent large update, firewalld's status contains
> many lines of the form:
>
> WARNING: COMMAND_FAILED: '/usr/sbin/iptables...
What's the rest of the command?
> Checking iptables.service status shows it to be masked.
That's probably from package iptables-services, which isn't
2015 Mar 06
3
upgrading samba 4.1.4 to the latest samba 4 release
You should think about using alternate repositories like from launchpad.
The most common repository used seems the one from sernet.
You need to register at sernet for this. Have a look at http://enterprisesamba.com/
Regards
Tim
On 6 March 2015 19:38:23 CET, Tadewos Alemneh <tadewosa at yahoo.com> wrote:
>I've installed samba 4.1.4 on Ubuntu 12.04 server. It is used as PDC
>and
2020 Jun 09
0
firewalld / iptables / nftables
On Tue, Jun 09, 2020 at 02:19:17PM +0200, Leon Fauster via CentOS wrote:
>
> Despite that the migration of our applications comes with a significant
> workload. It seems that also every aspect of common services had changed
> with EL8.
>
> In EL8 firewalld uses nftables as backend. I wonder why iptables does not
> list any rules while also configured to use nftables as
2015 Dec 21
2
double nat - common setup
hi everybody
my mind must have gone blank & eyes blind, I'm hoping it's
simple and somebody can shed the light on bit I cannot see.
a regular default net:
<network>
<name>default</name>
<uuid>4c0a0c44-7e8a-493b-a57c-87cd38eaa0f7</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on'
2014 Sep 09
1
CentOS 7: firewalld.service operation time out - systemctl firewalld issues
I'm having a few issues with firewalld on a CentOS 7 install, in
particular when using systemctl to start/check the status of the
daemon:
Checking the firewalld daemon status
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: failed
2016 Mar 25
0
firewalld question
On Fri, Mar 25, 2016 at 11:26:17AM +0000, Timothy Murphy wrote:
> >> I'm wondering if it is possible to have Centos-7 automatically change
> >> firewall zones, depending on the network we connect to.
> > The way to do this is changing the zone for the network in
> > NetworkManager.
> Are there two different ways of setting firewalld zones,
> in firewalld and
2015 Nov 25
1
Install Firewalld
I am trying to install Firewalld.
I am using CENTOS 7.
Please help me to solve the error.
[root at ns1 httpd]# systemctl enable firewalld
[root at ns1 httpd]# systemctl start firewalld
[root at ns1 httpd]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: inactive (dead) since Thu