Questions tagged [firewalld-zone]

24 questions
14 votes, 3 answers

firewalld not listing any active zones?

When running

    [root@host ~]# firewall-cmd --get-active-zones
    [root@host ~]#
    [root@host ~]# firewall-cmd --get-default-zone
    public

I am not getting any active zones. How can I activate a zone?
giorgio79
5 votes, 2 answers

FirewallD : Allow connections only from certain IP addresses

I am trying to use FirewallD to restrict access to a CentOS server from other machines on the network. It has a single network interface and it is operating in the public zone. Let's say that the IP address of this server is 10.10.1.20. What I want to…
4 votes, 0 answers

firewalld: two NICs, two zones. Zone is ignored

I have a server running CentOS/RHEL 7.7 with two network interfaces. These interfaces are configured and work properly. The first interface, ens33, is part of the firewalld "public" zone. All the rules applied to this zone work properly. The…
AntEater
4 votes, 2 answers

Fedora 21: Firewalld (firewall-cmd) won't PERMANENTLY assign interfaces to zones?

I installed Fedora on this one machine which is EXCLUSIVELY a gateway / firewall system. Following installation, I ran 'yum upgrade', and so it should be up to the very latest Fedora 21 - I'm a little behind on purpose (not Fedora 22) specifically…
4 votes, 0 answers

IPsets in FirewallD with Nftables backend

I upgraded my server to Fedora 32. Firewalld has switched the backend to Nftables. My setup is pretty simple. Just HTTP, HTTPS, SSH, SMTP ports open and multiple IPsets (IPv4, IPv6) to block a preset list of IP addresses. Earlier I used to do…
user213598
2 votes, 1 answer

Firewalld block http traffic even if activated

I'm trying to configure a simple test environment with 3 machines : One Kali to simulate internet : IP = 10.99.0.2 One CentOS that acts as a firewall using firewalld : IPs = 10.99.0.1, 10.4.1.1 One CentOS that acts as a web server using httpd : IP…
2 votes, 1 answer

Firewalld management

As I asked in this topic's comments: "block all but a few ips with firewalld". I'm looking for a way to deny all public IPs except for mine on the public zone of firewalld. For now, my public zone just has ssh/http/https services and I have…
Dr I
2 votes, 0 answers

using Firewalld, trying to allow all ports that come in on an internal ip

I am building a new server and I am using Firewalld for the first time. I have a load balancer that takes public IP requests and routes them to one of my servers with internal IPs. These servers have both public and private IPs. The public IPs are…
randy
1 vote, 1 answer

firewalld puppet module unable to add multiple sources error: INVALID ZONE on second source

We have a puppet module (v3.6.2 as we're using it for Satellite 6). The module works as expected, except when adding multiple sources to a zone. It will add the zone and then add one source, then error out trying to add the second source to the zone…
Amelia
1 vote, 1 answer

How to configure firewalld for source-specific rules?

I have a server in a datacenter that serves as an IPA master and VPN server. For simplicity, assume I need to enable the "ipsec" service for VPN, and the "kerberos" service for IPA. I would like to: 1) Allow traffic from anywhere to access the ipsec…
ToBeReplaced
1 vote, 0 answers

Firewalld: Sources in Drop and Block zones

I can't get the services attached to the block zone working for sources attached to those zones. I was wondering what the intended purpose of source->zone<-service was..! I was trying to use the default zone as the drop zone with few services enabled.…
xcorat
1 vote, 2 answers

firewalld config for OpenVPN

I am trying to set up an OpenVPN server on a VPS running Fedora Server 35. I got the VPN set up and working, but am running into issues with the firewall setup. This is my first experience administering a firewall, and I'm not a Linux-native either,…
Skenja
1 vote, 1 answer

Firewalld without interfaces on public zone

On my Oracle Cloud server, the public zone has no interfaces attached, and neither do any of the other zones. But still, if I allow a port in the public zone, it does allow the traffic through. So why is it not needed to add the adaptor (eth0 or…
1 vote, 2 answers

How to add a new zone in firewalld without blocking `port=80/tcp` in `zone=public` in Ubuntu 20.04

I'm not too familiar with firewalld, but I thought I'd try it out on Ubuntu 20.04. The problem I'm having is that port=80/tcp in zone=public gets blocked every time I try to add a new zone. So my question is: how do I add a new zone without it…
learningtech
0 votes, 1 answer

block ping 8.8.8.8 in firewalld

Working from my Arch Console (having not yet installed Openbox), I've installed firewalld, sudo pacman -S firewalld, then, to check that it's overall working, firewall-cmd --panic-on correctly blocks my ping -c 3 8.8.8.8. But is it specifically…
joharr