Someone at work wanted to know how to add rules permanently to FirewallD, CentOS 7’s dynamic firewall (iptables), so I’m posting it in case it’s useful to someone else.
Source :
Get the active zones; the default zone is usually “public”:
firewall-cmd --get-active-zones
List services on that zone:
firewall-cmd --zone=public --list-all
Add required TCP ports (let’s do port 80):
firewall-cmd --permanent --zone=public --add-port=80/tcp
If you need a UDP port:
firewall-cmd --permanent --zone=public --add-port=123/udp
You could restart the firewall for them to take effect, or set the rules again without the --permanent option to add them dynamically.
Restart firewall:
systemctl restart firewalld.service
You can also specify services rather than ports, if you like.
sudo firewall-cmd --permanent --zone=public --add-service=http
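Because --permanent rules and dynamically added rules live in separate configurations, it helps to check where the two differ before and after a restart. The script below is an added example, not part of the original post; the function names port_drift and check_zone and the sample port lists are made up for illustration.

```shell
#!/bin/sh
# Added example: compare a zone's runtime ports with its permanent ports.

# port_drift RUNTIME PERMANENT
# Each argument is a space-separated port list as printed by --list-ports,
# e.g. "80/tcp 123/udp". Prints one line per port found in only one set.
port_drift() {
    runtime=$1
    permanent=$2
    for p in $permanent; do
        case " $runtime " in
            *" $p "*) ;;
            *) echo "pending-reload $p" ;;   # saved, but not active yet
        esac
    done
    for p in $runtime; do
        case " $permanent " in
            *" $p "*) ;;
            *) echo "runtime-only $p" ;;     # active, but lost on restart
        esac
    done
}

# check_zone ZONE: ask firewalld for both port sets and report the drift.
check_zone() {
    zone=${1:-public}
    rt=$(firewall-cmd --zone="$zone" --list-ports) || return 1
    pm=$(firewall-cmd --permanent --zone="$zone" --list-ports) || return 1
    port_drift "$rt" "$pm"
}

# Constructed sample: 80/tcp was added with --permanent only,
# 8080/tcp was added without --permanent.
port_drift "22/tcp 8080/tcp" "22/tcp 80/tcp"

# On a host that runs firewalld, check the live configuration as well.
if command -v firewall-cmd >/dev/null 2>&1; then
    check_zone public || echo "could not query firewalld" >&2
fi
```

A pending-reload line clears once the firewall is restarted; a runtime-only line marks a port that closes again on restart unless it is also added with --permanent.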
http://blog.christophersmart.com/2014/01/15/add-permanent-rules-to-firewalld/
To read :
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Using_Firewalls.html
http://stackoverflow.com/questions/24729024/centos-7-open-firewall-port
http://www.certdepot.net/rhel7-get-started-firewalld/