Displaying 20 results from an estimated 5000 matches similar to: "Firewalld zone conflict"
2015 Dec 04
0
Firewalld zone conflict
On 4 December 2015 at 14:18, Colin Coles <colin at wemoto.com> wrote:
> Hi,
> In CentOS7 I have added two zones using firewall-cmd, each for
> different ports/services and interfaces when I try to --add-source to
> the second zone with an IP that is already in the first I am getting an
> 'Error: ZONE_CONFLICT' message. Am I trying to do something illogical or
> is
2015 Nov 06
2
firewalld being stupid
On 6 November 2015 at 21:49, Pete Travis <lists at petetravis.com> wrote:
> On Nov 6, 2015 3:31 PM, "Nick Bright" <nick.bright at valnet.net> wrote:
>>
>> Greetings,
>>
>> One of my biggest frustrations with CentOS 7 has been firewalld.
>>
>> Essentially all of the documentation just flat doesn't work.
>>
>> One common
2016 Mar 24
5
firewalld question
Hi all!
I'n wondering if it is possible to have Centos-7 automatically change
firewall zones, depending on the network we conect to.
my default zone is "home" and it has some ports open that probably
shouldn't be open when I'm on someone elose's network.
so I'm thinking that if there's a way to have it always use home when
I'm at home, and external when
2017 Jan 28
1
firewalld
> -----Original Message-----
> From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of James
> Hogarth
> Sent: Saturday, January 28, 2017 4:18 AM
> To: CentOS mailing list
> Subject: Re: [CentOS] firewalld
>
> On 28 Jan 2017 3:02 am, "TE Dukes" <tdukes at palmettoshopper.com> wrote:
>
>
>
> > -----Original Message-----
> >
2015 Nov 17
1
firewalld rule syntax
On 17 Nov 2015 17:30, "Nick Bright" <nick.bright at valnet.net> wrote:
>
> On 11/17/2015 11:12 AM, Nick Bright wrote:
>>
>> firewall-cmd --zone=monitoring --add-source=1.2.3.4/32
>> firewall-cmd --zone=monitoring --add-service=snmp
>> firewall-cmd --zone=monitoring --add-interface=ens192
>> firewall-cmd --runtime-to-permanent
>
> I went
2015 Nov 17
4
firewalld being stupid
On Mon, November 16, 2015 16:39, Nick Bright wrote:
> On 11/6/2015 3:58 PM, James Hogarth wrote:
>> I have a couple of relevant articles you may be interested in ...
>>
>> On assigning the zone via NM:
>> https://www.hogarthuk.com/?q=node/8
>>
>> Look down to the "Specifying a particular firewall zone" bit ...
>> remember that if you edit the
2015 Nov 06
4
firewalld being stupid
Greetings,
One of my biggest frustrations with CentOS 7 has been firewalld.
Essentially all of the documentation just flat doesn't work.
One common thing that needs to be done is to change the zone of an
interface, however I've tried:
firewall-cmd --permanent --zone=internal --change-interface=ens192
firewall-cmd --permanent --zone=internal --add-interface=ens192
I've also tried
2017 Jan 28
2
firewalld
On 28 January 2017 at 13:44, Mike McCarthy, W1NR <sysop at w1nr.net> wrote:
> firewalld isn't the only thing that will prevent services from accessing
> the internet. I found that I needed to do a relabel before postfix could
> access DNS and I have seen other issues as well. Have you tried
> disabling the firewall to see if you can get connections to work? Then
> try to
2015 Dec 28
1
firewalld services
I am familiar with using commands like:
firewall-cmd --permanent --add-service=http
To enable firewalld services. I am also aware that this is through xml
'scripts' in:
/usr/lib/firewalld/services/
But what I find interesting is what services are there and which are
not. I went a'lookin with:
grep "port=" /usr/lib/firewalld/services/*|more
And found some like:
2016 Jan 29
3
Apache doesn't display "It works page" under CentOS 7
On Fri, Jan 29, 2016 at 11:48 AM, Michael H <michael at wemoto.com> wrote:
> Selinux has been around for a while.
>
Yes, I know this but ...
>
> setsebool - set selinux boolean
>
What I am asking is if the command above is part of SELinux since I doesn't
use before because it's a VM running on my PC so I not need such security
levels.
>
> You should
2015 Nov 17
3
firewalld rule syntax
I'm still learning firewalld obviously, and I am having trouble groking
the documentation to understand how to do this.
I know I could do an iptables direct, but that doesn't seem like the
"right" way to do it.
What I'm trying to do is allow a specific service, only for a specific ip.
Effectively, SNMP should be allowed form a specific IP address (the
systems monitor).
2017 Jan 28
3
firewalld
> -----Original Message-----
> From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of Pete Biggs
> Sent: Saturday, January 28, 2017 6:02 AM
> To: centos at centos.org
> Subject: Re: [CentOS] firewalld
>
>
> >
> > The zone apparently means something because an interface can only be on
> one.
> > Moving it to a different zone results in the same
2017 Mar 08
2
From Networkmanager to self managed configuration files
On 8 March 2017 at 11:15, Alice Wonder <alice at domblogger.net> wrote:
> On 03/08/2017 01:57 AM, Giles Coochey wrote:
>>
>>
>>> The recommended configuration for EL7 is to use NetworkManager unless
>>> you have a very specific edge case preventing you from doing so:
>>>
>> The truth is a lot of us run servers that don't need to have their
2016 Jan 29
2
Apache doesn't display "It works page" under CentOS 7
On Fri, Jan 29, 2016 at 11:41 AM, Michael H <michael at wemoto.com> wrote:
> setsebool -P httpd_can_network_connect on
> firewall-cmd --add-service=http --permanent
>
I have ran those two and still can't access. I have restarted httpd and
iptables services after ran those lines. BTW, what those means? setsebool
is part of SELinux? Or this is new kind of extra security layer on
2018 May 15
2
CentOS 7.5 (1804) and NetworkManager
Gnome's control-center now requires NetworkManager-wifi. But it's only a
soft requirement, no shared libs involved.
To keep your workstation NM-free, you want to install a dummy package
that provides NetworkManager-wifi but actually contains nothing, ideally
before updating to 7.5. Here's a script to create such a dummy:
https://github.com/larsks/fakeprovide
If you do this,
2010 May 15
4
Problems after update to 5.5
Hi,
I have updated 8 machines so far and 2 are refusing to boot on
2.6.18-194.3.1.el5 kernel, they just hang at: 'Starting udev:' but when I
revert to 2.6.18-164.15.1.el5 kernel they boot fine. Any pointers?
Cheers,
Colin.
2017 Jan 28
4
firewalld
> -----Original Message-----
> From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of Gordon
> Messmer
> Sent: Friday, January 27, 2017 9:23 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] firewalld
>
> On 01/27/2017 06:01 PM, TE Dukes wrote:
> > I telnet localhost 143, I get connection refused.
> >
> > What zone is used for the local
2014 Sep 09
1
CentOS 7: firewalld.service operation time out - systemctl firewalld issues
I'm having a few issues with firewalld on a CentOS 7 install, in
particular when using systemctl to start/check the status of the
daemon:
Checking the firewalld daemon status
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: failed
2017 Apr 26
3
Apache + SSL: default configuration rated "C" by Qualys Labs
On 26 April 2017 at 13:16, Steven Tardy <sjt5atra at gmail.com> wrote:
>
>> On Apr 26, 2017, at 2:58 AM, Nicolas Kovacs <info at microlinux.fr> wrote:
>>
>> The site is rated "C"
>
> The RHEL/CentOS out-of-the-box apache tls is a little old but operational. This Mozilla resource is excellent for getting apache tls config up-to-date.
>
>
2015 Nov 25
1
Install Firewalld
I am trying to install Firewalld.
I am using CENTOS 7.
Please help me to solve the error.
[root at ns1 httpd]# systemctl enable firewalld
[root at ns1 httpd]# systemctl start firewalld
[root at ns1 httpd]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: inactive (dead) since Thu