similar to: iptables 2 firewalld

On Dec 14, 2018, at 2:30 PM, Jon LaBadie <jcu at labadie.us> wrote: > > After a recent large update, firewalld's status contains > many lines of the form: > > WARNING: COMMAND_FAILED: '/usr/sbin/iptables? What?s the rest of the command? > Checking iptables.service status shows it to be masked. That?s probably from package iptables-services, which isn?t

Once upon a time, Jonathan Billings <billings at negate.org> said: > 'iptables' and 'nftables' are competing technologies. In CentOS 8, > firewalld's backend was switched from iptables to nftables. So it > would be expected that the iptables command wouldn't have any rules > defined, it isn't being used by firewalld. That is partially incorrect.

Despite that the migration of our applications comes with a significant workload. It seems that also every aspect of common services had changed with EL8. In EL8 firewalld uses nftables as backend. I wonder why iptables does not list any rules while also configured to use nftables as backend. # iptables -V iptables v1.8.2 (nf_tables) # firewall-cmd --list-all |egrep -o '22|ssh' ssh

--On Friday, December 14, 2018 5:57 PM -0500 Jon LaBadie <jcu at labadie.us> wrote: > Well, there are about 20 of them and several screen widths > long. However they all end with one of two reasons: > > : No chain/target/match by that name. > : Bad rule (does a matching rule exist in that chain?). Put them on a pastebin so we can see them at full width. The chain names

After a recent large update, firewalld's status contains many lines of the form: WARNING: COMMAND_FAILED: '/usr/sbin/iptables... Checking iptables.service status shows it to be masked. I realize that firewalld uses iptables, but should it be enabled and started as a service? Jon -- Jon H. LaBadie jcu at labadie.us 11226 South Shore Rd. (703) 787-0688 (H)

On Tue, Jun 09, 2020 at 02:19:17PM +0200, Leon Fauster via CentOS wrote: > > Despite that the migration of our applications comes with a significant > workload. It seems that also every aspect of common services had changed > with EL8. > > In EL8 firewalld uses nftables as backend. I wonder why iptables does not > list any rules while also configured to use nftables as

Steve Frazier wrote: > Hello,? > I hope that I can ask some questions on this mailing list about IPTables. > I am more familiar with IPTABLES instead of FIREWALLD.? I disabled > FIREWALLD and installed?iptables-services. > I have put together a script that I found on the web on how to set up a > good set of IPTABLES rules to keep my server as secure as possible. <snip>

On Fri, Dec 14, 2018 at 04:55:33PM -0800, Kenneth Porter wrote: > --On Friday, December 14, 2018 5:57 PM -0500 Jon LaBadie <jcu at labadie.us> > wrote: > > > Well, there are about 20 of them and several screen widths > > long. However they all end with one of two reasons: > > > > : No chain/target/match by that name. > > : Bad rule (does a

On Fri, Dec 14, 2018 at 03:14:12PM -0700, Warren Young wrote: > On Dec 14, 2018, at 2:30 PM, Jon LaBadie <jcu at labadie.us> wrote: > > > > After a recent large update, firewalld's status contains > > many lines of the form: > > > > WARNING: COMMAND_FAILED: '/usr/sbin/iptables? > > What?s the rest of the command? Well, there are about 20 of

Steve Frazier wrote: > Thank you.? I apologize for sending something that could be read.? There > are more examples in there that I had commented out. > Anyway,? here is my working iptables-save.? If someone could review my > output and let me know if I am missing anything and if the order of the > rules are the most secure they could be. > TIA. > Steve, Do you have any

Am 01.06.2018 um 17:24 schrieb Steve Frazier: > I assumed this was a Centos 7 mailing list and I was looking for help with IPTABLEs.I have used mailing lists before.? Copying a file to an email address didn't have that type of output.? I apologize. > First of all is this a Centos 7 Mailing list that I can ask for help or have I made a huge mistake?? IF so, should I just attach the file

--On Friday, June 01, 2018 1:01 PM +0000 Steve Frazier <sfrazier1111 at yahoo.com> wrote: > I have attached the full script with the comments for what I am trying to > do. I suggest uploading your script to pastebin.com and putting the link in your post to the list. That way long lines in your script will be preserved. Pastebin is good for content where the formatting is

On Mon, 2020-02-03 at 19:04 -0500, Jerry Geis wrote: > Hi All, > > Over the last 20 some years I have a file with about 200K worth of address > that have "wrongly" tried to connect to my boxes running centos. So the > file has one line per address or group of addresses like: > 2.244.112.0/24 > > So using the OLD iptables I would run through my file build the

I assumed this was a Centos 7 mailing list and I was looking for help with IPTABLEs.I have used mailing lists before.? Copying a file to an email address didn't have that type of output.? I apologize. First of all is this a Centos 7 Mailing list that I can ask for help or have I made a huge mistake?? IF so, should I just attach the file to the email. I apologize for the output, I had no idea.?

Hi All, Over the last 20 some years I have a file with about 200K worth of address that have "wrongly" tried to connect to my boxes running centos. So the file has one line per address or group of addresses like: 2.244.112.0/24 So using the OLD iptables I would run through my file build the iptables.txt file and start that with DROP for the IP address. iptables ran through the big

On Tue, 4 Feb 2020 at 05:37, Pete Biggs <pete at biggs.org.uk> wrote: > On Mon, 2020-02-03 at 19:04 -0500, Jerry Geis wrote: > > Hi All, > > > > Over the last 20 some years I have a file with about 200K worth of > address > > that have "wrongly" tried to connect to my boxes running centos. So the > > file has one line per address or group of

Hello,? I hope that I can ask some questions on this mailing list about IPTables. I am more familiar with IPTABLES instead of FIREWALLD.? I disabled FIREWALLD and installed?iptables-services. I have put together a script that I found on the web on how to set up a good set of IPTABLES rules to keep my server as secure as possible. I have two NICs. ETH0 and ETH1. ETHO is the internet and ETH1 is my

Thank you.? I apologize for sending something that could be read.? There are more examples in there that I had commented out. Anyway,? here is my working iptables-save.? If someone could review my output and let me know if I am missing anything and if the order of the rules are the most secure they could be. TIA. Steve # Generated by iptables-save v1.4.21 on Fri Jun? 1 10:34:39

Hi Roger and thanks! I have attached my nut report from the new script (sans journal). I saw nothing that looked like a problem with the report save the sections <scriptname> "Cannot access <scriptname>. Perhaps this is from the missing journal? On 7/14/2019 7:52 AM, Roger Price wrote: > On Tue, 9 Jul 2019, Charles Lepple wrote: > >> Can you please run this script

Hi all, I wrote shell script and put it under the /usr/local/bin/ directory. I use echo $0 for get script name but it has printed "/usr/local/bin/<scriptname>" but i want to only print <scriptname> How can i do this ? Thanks all for help. -- Iyi calismalar.Basarilar... Semih Gokalp Istanbul/Turkiye