brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-09 05:44:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improved readibility

Browse Source
This commit is contained in:
Michele Cereda
2023-03-16 00:44:48 +01:00
parent d064109fd1
commit b10f4cf6cc
1 changed files with 17 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
knowledge base/firewalld.md
View File

@@ -24,46 +24,47 @@ firewall-cmd --get-active-zones
firewall-config --list-all
# Change the default zone.
sudo firewall-cmd --set-default-zone=home
sudo firewall-cmd --set-default-zone='home'
# Change an interface's zone assignment.
sudo firewall-cmd --zone=home --change-interface=eth0
sudo firewall-cmd --zone=home --change-interface='eth0'
# List the available service definitions.
firewall-cmd --get-services
# List the allowed services in a zone.
sudo firewall-cmd --list-services
sudo firewall-cmd --list-services --zone=public
sudo firewall-cmd --list-services --zone='public'
sudo firewall-cmd --list-services --permanent
# Temporarily allow services.
sudo firewall-cmd --add-service=http
sudo firewall-cmd --add-service=ssh --zone=public
sudo firewall-cmd --add-service='http'
sudo firewall-cmd --add-service='ssh' --zone='public'
# Permanently allow services.
sudo firewall-cmd --add-service=ssh --permanent
sudo firewall-cmd --add-service=https --zone=public --permanent
sudo firewall-cmd --add-service='ssh' --permanent
sudo firewall-cmd --add-service='https' --zone='public' --permanent
# List the open ports in a zone.
sudo firewall-cmd --list-ports
sudo firewall-cmd --list-ports --zone=public
sudo firewall-cmd --list-ports --zone='public'
sudo firewall-cmd --list-ports --permanent
# Temporarily open specific ports.
sudo firewall-cmd --add-port=1978/tcp
sudo firewall-cmd --add-port=4990-4999/udp --zone=public
sudo firewall-cmd --add-port='1978/tcp'
sudo firewall-cmd --add-port='4990-4999/udp' --zone='public'
# Permanently open specific ports.
sudo firewall-cmd --add-port=22/tcp --permanent
sudo firewall-cmd --add-port=4990-4999/udp --zone=public --permanent
sudo firewall-cmd --add-port='22/tcp' --permanent
sudo firewall-cmd --add-port='4990-4999/udp' --zone='public' --permanent
# Close an open port.
sudo firewall-cmd --remove-port=1978/tcp
sudo firewall-cmd --remove-port=1978/tcp --zone=public
sudo firewall-cmd --remove-port='1978/tcp'
sudo firewall-cmd --remove-port='1978/tcp' --zone='public'
sudo firewall-cmd --permanent --remove-service='ssh'
# Create a new zone.
sudo firewall-cmd --new-zone=publicweb --permanent
sudo firewall-cmd --new-zone='publicweb' --permanent
# Make changes permanent.
sudo firewall-cmd --runtime-to-permanent
@@ -73,7 +74,7 @@ sudo firewall-cmd --reload
# Use the offline version.
# '--permanent' does not work here.
sudo firewall-offline-cmd --add-port=22/tcp && sudo firewall-cmd --reload
sudo firewall-offline-cmd --add-port='22/tcp' && sudo firewall-cmd --reload
```
## Further readings