Questions tagged [firewalld]
Firewalld is a Fedora project that "provides a dynamically managed firewall with support for network/firewall zones to define the trust level of network connections or interfaces".
299 questions
0 votes, 1 answer, 7 views
Determining the performance Impact of firewalld rule count
I was working on tweaking the performance of fail2ban and I read that a too-long ban can result in a build-up of rules that will negatively impact performance, which made me wonder, "Is there any ...
0 votes, 0 answers, 31 views
How to Log Each Outbound TCP Connection
At my company we have a set of 3 identical VMs. These VMs house an app that "sends messages". The app sends each message by making a TCP connection out to one of two fixed IP addresses (...
0 votes, 0 answers, 21 views
Using Linux server as a gateway for specific addresses in internal network
I have a RHEL 9 server which has IP addresses as 172.10.0.10 and 172.30.1.10, which is connected to two separate switches with two separate network interfaces.
This server runs a virtual machine, ...
0 votes, 0 answers, 18 views
Firewalld default fallback behavior
RHEL9 with firewalld 1.2.1 and nftables 1.0.4.
I am trying to understand the default behavior.
Source 10.0.0.0/24 is in custom zone.
Target default.
Service ssh and port 5000 is set here.
Interface ...
0 votes, 0 answers, 12 views
firewalld different rules for different interfaces
Running RHEL 8.9 with firewalld, is there a way to have a specific /etc/firewalld/zones/mycustom.rules file for different network interfaces?
For example, I have a quad-port nic in a server, doing ...
0 votes, 0 answers, 43 views
Firewalld (nftables) SNAT problem
So my setup is the following:
A:
PrivIP: 172.16.1.1
PublicIP: 212.1.2.3
B:
PrivIP: 10.123.0.1 (Interface: dummyip, don't ask why I named it like that)
PublicIP: 213.1.2.3 (Interface: eth0)
They both are ...
0 votes, 1 answer, 49 views
What can cause network drop when running a VM with virt-manager?
I'm new to virt-manager, qemu and libvirt so I barely know how to use them. I use virt-manager's GUI to make it easier for me to do a transition from VirtualBox (including VBoxManage) to KVM.
By far I ...
1 vote, 0 answers, 52 views
firewalld inconsistent behaviour
I have a docker swarm with a number of nodes. They are connected through wireguard interfaces. All docker swarm communication happens inside the internal network, provided by wireguard. In the example ...
0 votes, 0 answers, 27 views
Firewalld is running, I can access unallowed kubernetes exposed port?
I have a Kubeadm based Kubernetes cluster. Firewalld is running on all nodes on the cluster.
I expose an nginx service via NodePort service, that in theory should be accessible via all nodes on the ...
0 votes, 0 answers, 51 views
Kafka with KRaft - what is listening on the random high port?
I'm in the process of writing some ansible to install Kafka on RHEL and I've got the service running and am about to configure the firewall to make the service accessible on the network.
When I look ...
0 votes, 0 answers, 102 views
Fail2ban firewall-cmd ipset not blocking
Fail2ban has accumulated quite the list of IPs to block:
# fail2ban-client banned
[{'sshd': ['101.126.34.231', '106.58.179.182', '117.50.187.153', '119.91.54.127', '121.250.190.129', '124.220.15.172',...
0 votes, 0 answers, 41 views
Firewalld access from OpenVPN to ftp server
On my router I opened port 21 to FTP and server (Alma Linux 9) works on my public address IP. In firewalld I set below rule where access has my public IP and it works.
sudo firewall-cmd \
--...
0 votes, 0 answers, 226 views
chrony port 323 automatically open with firewalld?
Documentation states chrony uses port 323udp by default, versus port 123udp that old NTP used. But where is port 323 defined, because I do not see it in the default /etc/chrony.conf as it comes in a ...
0 votes, 0 answers, 321 views
firewalld and NAT
So I have been given a task to get to know firewalld and Linux networking in general. This is my test setup:
Router and Client are running Debian 12, Laptop Ubuntu 22.04.
This setup should accomplish ...
0 votes, 0 answers, 42 views
I want to allow incoming traffic on a specific port like ssh and block all outgoing traffic in firewalld
I'm using Firewalld,
I want to block all the outgoing traffic.
And allow all incoming traffic or SSH connection for specific IPs.
I'm able to block all the outbound traffic and it is working by ...