Differences

This shows you the differences between two versions of the page.

--- networking:firewall:firewalld [2014/11/21 13:39]
gcooper
+++ networking:firewall:firewalld [2018/03/15 09:39] (current)
gcooper
@@ Line 2: / Line 2: @@
 https://fedoraproject.org/wiki/FirewallD
+http://oracle-base.com/articles/linux/linux-firewall-firewalld.php
+http://www.certdepot.net/rhel7-get-started-firewalld/
 FirewallD is the default firewall implementation on CentOS 7.
-===== Control the Firewall =====
+<file>
+firewall-cmd --help
+</file>
+===== Firewall Status and Control =====
 <file>
@@ Line 15: / Line 23: @@
 firewall-cmd --get-zones
+firewall-cmd --get-default-zone
+firewall-cmd --get-services
 firewall-cmd --get-services
@@ Line 21: / Line 33: @@
 firewall-cmd --list-all-zones
-</file>
+firewall-cmd --zone=public --list-all
+firewall-cmd --zone=public --add-interface=eth0    # activate the (Public) firewall on ''eth0''
+</file>
 ===== Allow a Service =====
+Allow HTTP and HTTPS to a web server:
+<file>
+firewall-cmd --permanent --zone=public --add-service=http --add-service=https
+firewall-cmd --reload
+</file>
+===== Change SSH Port =====
+:!: You may need to install some tools on minimal installs:
+<file>
+yum -y install policycoreutils-python net-tools
+</file>
+Change the port in the SSH daemon configuration:
+<file>
+vim /etc/ssh/sshd_config
+</file>
+Fix selinux RBAC:
+<file>
+semanage port -a -t ssh_port_t -p tcp 2222
+</file>
+Modify the firewall:
+<file>
+firewall-cmd --permanent --zone=public --add-port=2222/tcp
+firewall-cmd --reload
+</file>
+Restart the SSH service:
+<file>
+systemctl restart sshd.service
+netstat -tapn
+</file>

Virtual Architects Support Wiki

User Tools

Site Tools

Differences

Page Tools