SantaBarbaraDataSystems

— IT happens.

setup Firewalld

Posted on January 18, 2017 - April 12, 2017 by elijah

install firewalld:

yum install firewalld
systemctl start firewalld.service
systemctl enable firewalld.service

create zones, add rules, and attach to interfaces:

firewall-cmd --permanent --new-zone=pci-web
firewall-cmd --reload
firewall-cmd --permanent --zone=pci-web --add-service=https
firewall-cmd --permanent --zone=pci-web --add-service=ntp
firewall-cmd --zone=pci-web --permanent --change-interface=eno1

firewall-cmd --permanent --new-zone=lcl-mgt
firewall-cmd --reload
firewall-cmd --permanent --zone=lcl-mgt --add-rich-rule 'rule family="ipv4" source address="172.16.0.0/12" service name="ssh" log prefix="ssh" level="info" limit value="1/m" accept'
firewall-cmd --permanent --zone=lcl-mgt --change-interface=eno2

# load the permanent configuration into the running firewall
firewall-cmd --reload

confirm:

firewall-cmd --state
firewall-cmd --zone=pci-web --list-all
firewall-cmd --zone=lcl-mgt --list-all
firewall-cmd --get-active-zones
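
The confirm step can be scripted so that drift from the intended zone policy is flagged instead of eyeballed. The following is an added example, not part of the original post: `zone_field` and `audit_zone` are hypothetical helper names, and the sample `--list-all` text is constructed in the CentOS 7 layout rather than captured from a real host.

```shell
#!/bin/sh
# Added example: compare `firewall-cmd --zone=<zone> --list-all` output
# with the services and ports the zone is supposed to expose.

# Print the value of one field (services, ports, interfaces) from list-all text on stdin.
zone_field() {
    awk -v key="$1" -F': *' '{ k = $1; sub(/^[ \t]+/, "", k); if (k == key) print $2 }'
}

# audit_zone "<allowed services>" "<allowed ports>"   (list-all text on stdin)
# Prints every opening that is not on the allow-list; returns 1 if any was found.
audit_zone() {
    text=$(cat); rc=0
    for svc in $(printf '%s\n' "$text" | zone_field services); do
        case " $1 " in *" $svc "*) ;; *) echo "unexpected service: $svc"; rc=1 ;; esac
    done
    for port in $(printf '%s\n' "$text" | zone_field ports); do
        case " $2 " in *" $port "*) ;; *) echo "unexpected port: $port"; rc=1 ;; esac
    done
    return $rc
}

# Constructed sample: pci-web as configured above.
PCI_WEB_OK='pci-web (active)
  target: default
  interfaces: eno1
  services: https ntp
  ports:
  rich rules:'

# Constructed sample: the same zone after extra access was opened.
PCI_WEB_DRIFT='pci-web (active)
  target: default
  interfaces: eno1
  services: https ntp ssh
  ports: 8080/tcp
  rich rules:'

# On a live host:
#   firewall-cmd --zone=pci-web --list-all | audit_zone "https ntp" ""
```

Rich rules are printed on the lines after `rich rules:` and are not checked by this sketch, so the lcl-mgt SSH rule still needs to be read in the `--list-all` output.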

Posted in Centos7, Firewalld
