Questions tagged [firewalld]
Firewalld is an open source firewall solution available on several Linux distributions. Firewalld uses D-Bus for monitoring and dynamic management.
67 questions
1 vote, 1 answer, 58 views
Firewalld port redirect to rootless podman container
I'm having a podman container running rootless on port 8080 and 8443. But I want to have access to them on port 80 and 443.
This is working quite well with firewalld and this command:
firewall-cmd \
...
1 vote, 1 answer, 76 views
How can I setup FIREWALLD with IPSEC (StrongSwan) Site-to-Site to make PING work on Debian 12?
I have 3 nodes with public and local IP address, each:
Node A: edge router #1 (10.41.1.0/24)
Node B: edge router #2 (10.48.2.0/24)
Node C: VMS with Debian 12, docker containers and firewalld (ex. 172....
0 votes, 0 answers, 79 views
Use firewalld to block some docker Application
I have a virtual machine (libvirt) running docker and some application on it. Some applications should not be accessed from the host system but they need to be accessed from the docker host. So I tried ...
0 votes, 2 answers, 173 views
How to Block File Manager Application from Connecting to SFTP Server
Operating System : CentOS Linux 7 (Core)
File Manager : Thunar 1.6.16
Trying to achieve : Users should not copy files to other servers via SFTP. But the blocking mechanism should not block users ...
0 votes, 0 answers, 38 views
ssh key and firewall blocked zone
I added ssh key from servera to serverb
[production5@servera ~]$ ssh-copy-id production5@serverb
and I added servera to blocked firewalld zone in serverb.
firewall-cmd --add-source=172.25.250.10/32 \...
0 votes, 0 answers, 154 views
Peers can connect to VPN server but not between themselves (Packet filtered)
I'm new into VPN topic and routing in general, and wanted to learn new things while setting up wireguard. However I'm facing an issue that I can't resolve for some time.
As in title: Peers can connect ...
0 votes, 1 answer, 126 views
Firewalld forwarding whole subnet
I have a network that looks like this:
MyPC:
eth0 10.208.65.80/18
Machine A (Linux, Running a WebServer)
eth0 10.208.65.101/18
eth1 192.168.2.1/24
firewalld zones:
sudo firewall-cmd --list-all-zones
...
0 votes, 1 answer, 850 views
How does firewalld "ingress" and "egress" work compared to the 'classic' way of masquerading IPs?
I'm currently on the second iteration of a home router I built myself.
On the 'original' build, I essentially wrapped the 'standard' commands in firewalld rich rules
On V1
firewall-cmd --direct --add-...
1 vote, 0 answers, 687 views
How can I create a firewalld rule that allow SSH connection only from a specific IP address?
I am not a system engineer or a network expert (I am more a software developer) and I have the following problem that I have to solve related IPTABLES firewall.
I have n Linux machines that must ...
1 vote, 0 answers, 418 views
Stuck on converting firewalld direct rule syntax to rich rule syntax
I've been googling around to try to translate an iptables script I use for some wireguard rules into native firewalld rules, since all the docs I've been reading about iptables indicate that:
...
2 votes, 0 answers, 47 views
firewalld Zone "trusted" Drops about 15% of Frames that are Passed by Zone "public"
Background
I have two lab machines, which I'll refer to as A and B, running RHEL 8.0.
I SSH into A and B from my Windows desktop over a 1 GbE link, whose network interface I'll refer to as eth0.
A and ...
0 votes, 1 answer, 883 views
Adding a firewalld service closes the required port instead of opening it
I have a fresh install of Rocky Linux 9 on a Linode Shared CPU instance. I just installed firewalld to get it setup. By default it has the http and ssh services enabled.
Doing an nmap scan at this ...
0 votes, 1 answer, 353 views
firewalld at Almalinux 9 does not apply other zones when 'sources' is specified and matched
I'm migrating from Almalinux 8 (RedHat 8) to Almalinux 9 (RedHat 9) and have got strange behaviour of firewalld.
Here is the configuration I have (as listed by firewall-cmd --list-all-zones):
public (...
1 vote, 1 answer, 547 views
Firewalld DNAT Subnet translation
I want to translate subnets using firewalld.
I have an ethernet interface, that should translate incoming packets targeting
192.168.1.0/24 to 192.168.178.0/24.
My home network is 192.168.8.0/24
I ...
2 votes, 1 answer, 2k views
firewalld: forward traffic as a wireguard VPN gateway
I have setup a pi running Pi OS 11 as a VPN gateway for my local network using Wireguard & Nftables, that all works fine.
However, I wish to switch over to firewalld to be compatible with docker ...