similar to: Firewalld

I just noticed that when rebooting a CentOS 7 server the firewall comes back up with both interfaces set to REJECT, instead of the eth1 interface set to ACCEPT as defined in 'permanent' firewalld configuration files. All servers are up to date. By "just noticed" I mean that I finally investigated why a newly rebooted VM failed to allow NFS connections. Prior to doing that.

Hi I would like to add rules into the iptables of the Hosted Engine VM in Ovirt. the version is oVirt Engine Version: 4.1.1.8-1.el7.centos I have tried using the normal process for iptables (iptables-save etc), but it seems that the file /etc/sysconfig/iptables this is ignored in the Ovirt Engine VM. How can I add permanent rules into the Engine VM? Kind regards Andrew

On 10/12/2015 10:17 AM, Gordon Messmer wrote: > On 10/11/2015 03:00 PM, Emmett Culley wrote: >> I just noticed that when rebooting a CentOS 7 server the firewall comes back up with both interfaces set to REJECT, instead of the eth1 interface set to ACCEPT as defined in 'permanent' firewalld configuration files. > > Rather than paraphrasing, could you show the specific

I have two VMs, both with firewalld installed. One on machine It this in the IN_public chain: Chain IN_public (2 references) pkts bytes target prot opt in out source destination 81 3423 IN_public_log all -- * * 0.0.0.0/0 0.0.0.0/0 81 3423 IN_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0

On 12/19/2017 03:37 PM, Louis Lagendijk wrote: > On Tue, 2017-12-19 at 15:05 -0800, Emmett Culley wrote: >> I have two VMs, both with firewalld installed. One on machine It >> this in the IN_public chain: >> >> Chain IN_public (2 references) >> pkts bytes target prot opt >> in out source destination >> 81 3423

Hello Julien, Am Tue, 15 Jan 2019 09:30:23 +0100 schrieb Julien dupont <marcelvierzon at gmail.com>: > In that case I see: > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq1, length 64 > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq2, length 64 > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq3, length 64 > > Packet goes

On 10/12/2015 10:03 PM, Gordon Messmer wrote: > On 10/12/2015 06:23 PM, Emmett Culley wrote: >> I expect to see the second output upon reboot. > > Thanks, that's a lot more clear. Weird, though. Does /etc/sysconfig/network-scripts/ifcfg-eth1 specify a "ZONE="? Are you using the "network" or the "NetworkManager" service? >

On 06/07/2016 05:05 AM, James Hogarth wrote: > On 7 Jun 2016 12:44, "Emmett Culley" <lst_manage at webengineer.com> wrote: >> >> I have a number of machines (hardware and VMs) running CentOS 7. I all > cases firewall-config is not functional. >> >> First, the service check boxes are not functional. When you click on > one, it don't change to

Hi, I have a standard Centos7 AMI. Can anyone tell me whats happening here? Thanks, Andrew Aug 19 11:17:23 master dhclient[22897]: bound to 10.141.10.49 -- renewal in 1795 seconds. Aug 19 11:17:24 master network: Determining IP information for eth0... done. Aug 19 11:17:24 master network: [ OK ] Aug 19 11:17:24 master systemd: Started LSB: Bring up/down networking. Aug 19 11:23:43 master

Hello, I would like permission to contribute information to the wiki... Username: CaseyDoyle To append an additional method for ssh blocking with firewallD: Page: https://wiki.centos.org/HowTos/Network/SecuringSSH#head-3579222198adaf43a3ecbdc438ebce74da40d8ec Suggest to add the following info to it pertinent section: ------ 6. Filter SSH at the Firewall complementary to iptables method,

I understand that the contents of /etc/sysctl.conf should be read and executed at system startup. However that never happens and I have to run sysctl -p after every reboot to get the settings I want. This is happening on every CentOS machine and VM I have. I can see in the startup scripts that "sysctl -e -p /etc/sysctl.conf >/dev/null 2>&1" is run at start up by the

After successfully updating three CentOS 6.3 VM guests to 6.4 I decided to update the host as well. And it failed to boot. Kernel panic - Not syncing: Attempted to kill init! Pid: 1, comm: init not tainted: 2.6.32-358.2.1.el6.x86_64 #1 Plus a call trace I couldn't see Luckily I was able to boot from the previous kernel and get my system back up. After booting to the previous kernel I

On 10/11/2015 03:00 PM, Emmett Culley wrote: > I just noticed that when rebooting a CentOS 7 server the firewall comes back up with both interfaces set to REJECT, instead of the eth1 interface set to ACCEPT as defined in 'permanent' firewalld configuration files. Rather than paraphrasing, could you show the specific rules, chains, or policies you're talking about? A standard

On 01/05/2016 02:00 PM, Alexander Dalloz wrote: > Am 05.01.2016 um 22:03 schrieb Emmett Culley: >> I am seeing these lines for each domain in the systemd journal: >> >> zone relationship123.com/IN: loading from master file relationship123.com.db failed: file not found >> zone relationship123.com/IN: not loaded due to errors. >> _default/relationship123.com./IN:

Hello, I have a big problem with fail2ban and firewalld on my new system. I have a server running (CentOS 7.1) and run a Update to 7.2 on this system all is working ? BUT I install a new system with CentOS 7 1511 on this systems fail2ban don't work anymore. I have this error or more, in the firewalld 2015-12-19 08:39:55 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -t filter -I

I am seeing these lines for each domain in the systemd journal: zone relationship123.com/IN: loading from master file relationship123.com.db failed: file not found zone relationship123.com/IN: not loaded due to errors. _default/relationship123.com./IN: file not found If I change the zone defs to include the full path: >From zone "relationships123.com." IN { type master; file

On 7/15/20 2:39 AM, Gianluca Cecchi wrote: > On Wed, Jul 15, 2020 at 2:39 AM Emmett Culley via CentOS <centos at centos.org <mailto:centos at centos.org>> wrote: > > > Thanks for the info.? I hadn't seen that before nor many of the links.? I had seen the suggested systemd fix, but have never been able got them to work. And I've tried many combinations.? Still

First system-config-network is not part of CentOS/RHEL 6, now I don't see system-config-bind either. Is there an alternative (GUI) way to manage the bind DNS server? Emmett

> On 7/19/20 10:41 PM, Simon Matter via CentOS wrote: >>> On 7/13/20 6:40 PM, Emmett Culley via CentOS wrote: >>>> I need to set the umask for apache to 002.? I've tried every idea I've >>>> found on the internet, but nothing make a difference.? Most suggest >>>> that >>>> I put "umask 002" in /etc/sysconfig/httpd, but

> On 7/13/20 6:40 PM, Emmett Culley via CentOS wrote: >> I need to set the umask for apache to 002.? I've tried every idea I've >> found on the internet, but nothing make a difference.? Most suggest that >> I put "umask 002" in /etc/sysconfig/httpd, but that doesn't seem to make >> a difference.? Other's suggest adding something to the