similar to: Samba AD firewalld services

Progress... On 08/27/2015 08:50 AM, L.P.H. van Belle wrote: > After reading this thread.. and ..seeing the comments.. > > I googled a bit around. and yes.. more then 5 sec.. ;-) > > I wonder why almost every "centos/redhat/rpm based" howto removes firewalld with the base iptables service > now, i'm not "pro" systemd or con systemd, i use it but i set my

On 27/08/15 13:50, L.P.H. van Belle wrote: > After reading this thread.. and ..seeing the comments.. > > I googled a bit around. and yes.. more then 5 sec.. ;-) > > I wonder why almost every "centos/redhat/rpm based" howto removes firewalld with the base iptables service Now here's a funny thing, I was searching the samba wiki for 'firewall' and found there

On 08/27/2015 03:29 AM, Rowland Penny wrote: > On 27/08/15 05:20, Robert Moskowitz wrote: >> Now with firewalld, opening up ports is now 'better' done by opening >> services. So what do I need, for starters it seems: >> >> dns, dhcp, dhcpv6, samba, kerberos >> >> Here is the list of services: >> >> RH-Satellite-6 amanda-client bacula

Oh, this really helps. See below, though. On 08/27/2015 09:33 AM, Rowland Penny wrote: > On 27/08/15 14:25, Robert Moskowitz wrote: >> Progress... >> >> On 08/27/2015 08:50 AM, L.P.H. van Belle wrote: >>> After reading this thread.. and ..seeing the comments.. >>> >>> I googled a bit around. and yes.. more then 5 sec.. ;-) >>>

mDNS is not DNS mDNS (zeroconf/avahi) ( used for .local and .lan reserved tlds ) is an apple thingy.. mDNS udp 5353 DNS tcp/udp 53. Yes, dns tcp + udp. If and dns udp package is to large it switches to tcp. got that from wiets ( the postfix developer ) So i must believe him.. wiets is great.. ( and dutch ) :-)) Greetz, Louis >-----Oorspronkelijk bericht----- >Van: samba

On 27/08/15 10:56, Robert Moskowitz wrote: > > > On 08/27/2015 03:29 AM, Rowland Penny wrote: >> On 27/08/15 05:20, Robert Moskowitz wrote: >>> Now with firewalld, opening up ports is now 'better' done by opening >>> services. So what do I need, for starters it seems: >>> >>> dns, dhcp, dhcpv6, samba, kerberos >>> >>>

The services and their port numbers and protocols are defined in /etc/services. You should be able to use that file to map from port numbers to services if you want to use the service names instead. This is not something new with firewalld, iptables has had this option forever as well. On Thu, Aug 27, 2015 at 12:20 AM, Robert Moskowitz <rgm at htt-consult.com> wrote: > Now with

On 27/08/15 05:20, Robert Moskowitz wrote: > Now with firewalld, opening up ports is now 'better' done by opening > services. So what do I need, for starters it seems: > > dns, dhcp, dhcpv6, samba, kerberos > > Here is the list of services: > > RH-Satellite-6 amanda-client bacula bacula-client dhcp dhcpv6 > dhcpv6-client dns > ftp high-availability http

After reading this thread.. and ..seeing the comments.. I googled a bit around. and yes.. more then 5 sec.. ;-) I wonder why almost every "centos/redhat/rpm based" howto removes firewalld with the base iptables service now, i'm not "pro" systemd or con systemd, i use it but i set my firewall with ufw, which is much more flexable in my opinion. I just dont care

On 27/08/15 14:25, Robert Moskowitz wrote: > Progress... > > On 08/27/2015 08:50 AM, L.P.H. van Belle wrote: >> After reading this thread.. and ..seeing the comments.. >> >> I googled a bit around. and yes.. more then 5 sec.. ;-) >> >> I wonder why almost every "centos/redhat/rpm based" howto removes >> firewalld with the base iptables

On 08/27/2015 09:50 AM, Rowland Penny wrote: > On 27/08/15 13:50, L.P.H. van Belle wrote: >> After reading this thread.. and ..seeing the comments.. >> >> I googled a bit around. and yes.. more then 5 sec.. ;-) >> >> I wonder why almost every "centos/redhat/rpm based" howto removes >> firewalld with the base iptables service > > Now

On Thursday 21 of April 2016 2:37:49 PM Gordon Messmer wrote: > On 04/21/2016 01:33 PM, Marcin Trendota wrote: > > It's OpenVPN on chamber. > What port is it using? I don't see the standard port listed in your > firewalld rules in either zone. 1194/udp. I added service openvpn and port 1194/udp (just to be sure) to both zones - no change. [root at chamber openvpn]#

Hai, If you use that or the AD, then its incomplete, imo. Your missing ldaps (636) and the GC (ssl) 3268/3269) ports and maybe NTP (123/tcp) if installed. Maybe you dont need them, just an observation. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Jeff > Sadowski via samba > Verzonden: dinsdag 13 februari 2018

Hi, One of our AWS machines was used in an DOS attack last night and I am looking for possible attack vectors. AWS tells me it was sending UDP port 0 traffic to a cloudflare address. This instance had an incorrectly configured AWS security group exposing all ports. The server in question is a Centos 7 based FreeIPA server, OpenVPN concentrator and DNS server. With a brief inspection before the

On Thursday 21 of April 2016 9:08:09 AM Gordon Messmer wrote: > On 04/21/2016 03:11 AM, Marcin Trendota wrote: > > But from host in another location (connected through VPN): > What host serves the VPN? If it's another host, how is that host > connected to the router? If it's "chamber," what type of VPN is it? It's OpenVPN on chamber. I've just noticed

On 28 January 2017 at 13:44, Mike McCarthy, W1NR <sysop at w1nr.net> wrote: > firewalld isn't the only thing that will prevent services from accessing > the internet. I found that I needed to do a relabel before postfix could > access DNS and I have seen other issues as well. Have you tried > disabling the firewall to see if you can get connections to work? Then > try to

On CentOS 7 with firewalld I have a box with numerous interfaces acting as a NAT gateway. This works but I noticed that it routes/forwards traffic not just from my internal zone to external zone but also between interfaces within the internal zone. How can I prevent that traffic? I've tried adding direct and rich rules to deny the traffic but it doesn't work. Direct: firewall-cmd

Hi! I have a minimal installation of centos8 + packages for freeipa as a vbox vm. there is something strange with the firewall rules : [root at ldap ~]# iptables -S -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT [root at ldap ~]# firewall-cmd --get-active-zones public interfaces: enp0s17 [root at ldap ~]# firewall-cmd --state running [root at ldap ~]# firewall-cmd --zone=public

I'm running Centos 7.8.2003, with firewalld. I was getting huge numbers of ssh attempts per day from a few specific ip blocks. The offenders are 45.0.0.0/24, 49.0.0.0/24, 51.0.0.0/24, 111.0.0.0/24 and 118.0.0.0/24, and they amounted to a multiple thousands of attempts per day. I installed and configured fail2ban, but still saw a lot of attempts in the logs, and the ipset created was

On 4/28/2020 3:17 PM, Chris Adams wrote: > - gateway sends a router solicitation and gets a router advertisement > with "stateful config" set, which tells gateway to do DHCPv6 (but > default route comes from RA) I'm not seeing any outbound IPv6 traffic from my CentOS 7 box on the WAN interface. I do see RA's emitting from the LAN interface, from radvd. Is there