Eric, I wanted to make sure I understand what you are suggesting below:
1. Are you saying to delete all files under /etc/firewalld?
   a. or just firewalld.conf and/or lockdown-whitelist.xml?
2. Then run the following commands to block out all traffic:
firewall-cmd --set-default-zone=block
Will this "DROP" all traffic vs. "REJECT"?
firewall-cmd --permanent --zone trusted --add-source <ip_address>
firewall-cmd --reload
This will allow all access to all ports from whatever IP address I add? If I also would want to allow pings from anywhere, what would I use there? If I want to allow, say, ftp from only one IP address, would it be added to trusted as well, and how would I do that?
I think that will do it for now, thanks again for your help and time.
Steve
On Monday, November 16, 2020, 12:30:07 PM EST, Eric Garver egarver@redhat.com wrote:
On Mon, Nov 16, 2020 at 02:56:42PM +0000, Steve Frazier wrote:
I come from iptables (didn't know it well but enough to get by). I am trying to learn firewalld now which appears to be much more powerful. First of all I need some help, please. I would like to remove all the rules and zones since I have probably messed up my installation so far and do the following:
You can remove the user configuration files in the directories `/etc/firewalld/*/`. Do firewalld.conf or lockdown-whitelist.xml files.
I would like to "DROP" all outside traffic I would then like to only allow all ports from (2) two IP addresses. Could someone explain to me how to do this.
1. Make "block" or "reject" the default zone.
# firewall-cmd --set-default-zone=block
2. Then add your allowlist IPs to the trusted zone which allows everything.
# firewall-cmd --permanent --zone trusted --add-source <ip_address>
# firewall-cmd --reload
My configuration only has: (1) one public IP Address (ens3) Thanks in advance. Also, is there a good tutorial that would walk me through learning firewalld? Thanks again for this as well. Have a great day.
The upstream website has some documentation:
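The two-step procedure in Eric's reply (make "block" the default zone, put the allowlisted addresses in the trusted zone), as an added example that is not part of the thread. It wraps the same firewall-cmd invocations in a small POSIX sh script that validates every source before anything is applied, because a "block" default zone refuses new connections from every address that is not in trusted, so a mistyped address would lock remote administrators out. For the question raised in the reply above: the block zone rejects incoming connections with icmp-host-prohibited (IPv4) / icmp6-adm-prohibited (IPv6), while the drop zone discards them silently; the script accepts either name. Assumptions: sources are IPv4 addresses or IPv4/prefix ranges only (no IPv6 handling), firewall-cmd is on PATH, and the addresses in the usage comment are constructed RFC 5737 documentation ranges.

```shell
#!/bin/sh
# Added example, not from the thread: generate and apply the firewall-cmd
# sequence from Eric's reply after checking each allowlist entry.
# Assumption: IPv4 sources only; addresses in comments are constructed.

# Return 0 if $1 looks like a valid IPv4 address or IPv4/prefix, 1 otherwise.
is_ipv4_source() {
    case $1 in
        */*) addr=${1%%/*}; prefix=${1#*/} ;;
        *)   addr=$1;       prefix=32 ;;
    esac
    printf '%s\n' "$addr"   | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    printf '%s\n' "$prefix" | grep -Eq '^[0-9]{1,2}$' || return 1
    [ "$prefix" -le 32 ] || return 1
    # Range-check each octet; the regex alone would accept 999.1.1.1.
    oldifs=$IFS; IFS=.
    set -- $addr
    IFS=$oldifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the commands from Eric's reply, one per line:
#   $1     default zone: "block" (rejects) or "drop" (silently discards)
#   $2...  sources to allowlist in the trusted zone (all ports open to them)
# Returns 1 if any argument fails validation so the caller can refuse to apply
# a partial allowlist.
allowlist_cmds() {
    zone=$1; shift
    case $zone in
        block|drop) ;;
        *) echo "default zone must be block or drop, got: $zone" >&2; return 1 ;;
    esac
    rc=0
    echo "firewall-cmd --set-default-zone=$zone"
    for src in "$@"; do
        if is_ipv4_source "$src"; then
            echo "firewall-cmd --permanent --zone=trusted --add-source=$src"
        else
            echo "skipping invalid source: $src" >&2
            rc=1
        fi
    done
    echo "firewall-cmd --reload"
    return $rc
}

# Generate, apply, then show the resulting state. Nothing is run if validation
# failed. --set-default-zone takes effect immediately (runtime and permanent),
# while the --permanent --add-source entries only load at --reload, so run this
# from the console or from an address that is already in the trusted zone.
apply_allowlist() {
    cmds=$(allowlist_cmds "$@") || return 1
    printf '%s\n' "$cmds" | while IFS= read -r cmd; do
        echo "+ $cmd"
        $cmd || exit 1
    done || return 1
    firewall-cmd --get-default-zone
    firewall-cmd --zone=trusted --list-sources
}

# Usage (constructed documentation addresses):
#   apply_allowlist block 203.0.113.10 198.51.100.0/24
```

Since the interface (ens3 in the original question) is not bound to a zone, everything arriving on it that does not match a trusted source falls through to the default zone, which is what makes the block/trusted split work without per-interface rules. The final two firewall-cmd calls print the active default zone and the trusted sources so the result can be confirmed before the session is closed.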