Questions tagged [firewall-cmd]

46 questions
0 votes, 1 answer

firewalld stopping for no reason

I have a Red Hat 8 server. On it, I have used firewall-cmd --permanent --zone=public --add-service=https to enable public traffic to the server. When I systemctl start firewalld, this works as expected. However, every 10 minutes or so, the daemon…
Migwell

0 votes, 0 answers

Remote IP Port Forwarding with SSH but with firewall.cmd or IPTables now

The context: I'm working with Zabbix Server and need to monitor remote servers connected with VPN/SSL tunnel using OpenFortiVPN with Any-Any rule set by our external Datacenter Provider. Local IP of Zabbix Server: 192.168.2.6/24 Remote IP of…
renix

0 votes, 1 answer

Firewalld port forwarding fails

I'm trying to replace an existing tunnel with firewall rules: firewall-cmd --zone=public --add-forward-port=port=9999:proto=tcp:toport=9999:toaddr=100.1.1.1 This should forward all incoming TCP connections to 100.1.1.1 The problem is that it does…
Maestro

0 votes, 0 answers

How to close podman exposed port on public interface

I have running AdGuardHome instance on podman with WebUI port -p 8053:80. # podman port -a 1aeb8e800717 53/tcp -> 0.0.0.0:53 1aeb8e800717 853/tcp -> 0.0.0.0:853 1aeb8e800717 5443/tcp -> 0.0.0.0:5443 1aeb8e800717 80/tcp ->…
korzhyk

0 votes, 1 answer

firewall-cmd - adding 0.0.0.0/0 as a source in one zone blocks more specific access in another zone

I have two firewalld zones configured as follows: zone: ssh-access source: 1.2.3.4 ports: 9999/tcp zone: other-access source: 5.6.7.8 ports: 8888/tcp We temporarily want to unrestrict access to the ssh-access zone on port 9999/tcp so we replace…
Chris

0 votes, 1 answer

CentOS firewall-cmd script to only allow access from IPs listed in sources

I use this script to set up my firewall. I expected to have ssh access from only one IP but that is not the case after testing. What is missing? #!/bin/bash # # Reset to initial install of firewalld # rm -f /etc/firewalld/zones/* firewall-cmd…
sfanjoy

0 votes, 1 answer

How to allow an ip address to access a specific port on the server without blocking other traffic

First off, I am using Firewalld and my configuration is as follows: All traffic is allowed (nothing fancy). Server has MySQL and Apache2 (Linux Debian). I need to allow MySQL remote connections to a specific ip address (my ip) without shutting out…
Dennisrec

0 votes, 0 answers

docker-proxy port 5000 not obeying firewall-cmd rules

I am running Red Hat Enterprise Linux 7.9, where I'm trying to block docker-proxy TCP port 5000 via firewall-cmd. I am using the default public zone as the only active zone and have tried the following individually and in combination: Removed port…

0 votes, 2 answers

Firewalld insert rule before ESTABLISHED

I want to ban already established connections. Default iptables rules generated by firewalld -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED,DNAT -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -j INPUT_direct How to insert rule before -j ACCEPT…
eri

0 votes, 1 answer

How to add a new zone in firewalld without blocking `port=80/tcp` in `zone=public` in Ubuntu 20.04

I'm not too familiar with firewalld, but I thought I'd try it out on Ubuntu 20.04. The problem I'm having is that port=80/tcp in zone=public gets blocked every time I try to add a new zone. So my question is: how do I add a new zone without it…
John

0 votes, 0 answers

Firewalld will not start on CentOS

I have a CentOS server that I recently ran yum-update on and the only update was to centos-release. I applied the update and ever since FirewallD has been throwing errors. I uninstalled and reinstalled the package thinking I may have just broken the…
Xenology

0 votes, 1 answer

Stopping firewall on CentOS 7

I am having a problem with my CentOS 7 server. By accident I ran the command `# firewalld`. Then I found that the log file in /var/log/firewalld was updated with the following: 2020-11-26 12:59:08 WARNING: AllowZoneDrifting is enabled. This is considered…
Wejdan M

0 votes, 0 answers

Firewalld: how are rules of the same priority ordered?

I've been playing with Firewalld and I was wondering how it orders rules with the same priority. According to the documentation, it says that there is no guarantee that rules with the same priority will be inserted in the wanted…

0 votes, 0 answers

Working Fedora Server 32 suffered power failure and afterward firewalld has lost its config; how can I fix this?

Doing my homework, this Server Fault Question speaks to an identical error message and it might have the same cause, but how I got there is likely different and may provide clues. In my case the system in trouble is one of a small number of…
Richard T

0 votes, 0 answers

Allow TCP traffic on port 3306 from ip range

I have a problem with firewall-cmd on CentOS 7. I have a task: Allow TCP traffic on port 3306 from ip range 192.168.1.0/24, make sure to add this rule as second rule in the chain and second task Allow TCP traffic on port 80 from ip range…
PawelC