On our WISP, we have a WAN with about a dozen subnets in the 172.16.x.x space. I have a small server on the 172.16.10.x subnet, statically configured.
Let's say I want to open 5201/tcp|5201/udp for an iperf3 server to all those subnets.
Let's also say I want to open 873/tcp|873/udp for an rsyncd server to just one subnet, say 172.16.10.0/24.
What's the best way to go about doing this?
Add 172.16.10.0/24 as a destination in the rsyncd.xml service profile?
Create a zone with 172.16.10.0/24 as a source and add the rsyncd service to that zone?
Run the iperf3 service in the public zone, having added the interface to that zone?
Something else?
On Sun, Nov 29, 2020 at 10:05:01PM -0000, Gordon harris wrote:
> On our WISP, we have a WAN with about a dozen subnets in the 172.16.x.x space. I have a small server on the 172.16.10.x subnet, statically configured.
> Let's say I want to open 5201/tcp|5201/udp for an iperf3 server to all those subnets.
> Let's also say I want to open 873/tcp|873/udp for an rsyncd server to just one subnet, say 172.16.10.0/24.
> What's the best way to go about doing this?
> Add 172.16.10.0/24 as a destination in the rsyncd.xml service profile?
> Create a zone with 172.16.10.0/24 as a source and add the rsyncd service to that zone?
> Run the iperf3 service in the public zone, having added the interface to that zone?
> Something else?
You need to give more details. What node is running firewalld and where is it in the network? Is it the gateway/router?
firewalld-users@lists.fedorahosted.org
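
Assuming firewalld runs on the server itself (the question the reply leaves open), the source-zone option from the original post could look like the script below; it is an added example, not part of the thread. The zone name `rsynclan` is hypothetical, and the interface is assumed to be bound to the `public` zone already.

```shell
#!/bin/sh
# Added example. Prints the firewall-cmd calls by default (dry run);
# set APPLY=1 and run as root to execute them and reload firewalld.
LAN_SRC="172.16.10.0/24"   # subnet allowed to reach rsyncd (from the post)
LAN_ZONE="rsynclan"        # hypothetical zone name
IFACE_ZONE="public"        # zone assumed to hold the server's interface

# Run one permanent firewall-cmd call, or print it in dry-run mode.
fw() {
    if [ "${APPLY:-0}" = "1" ]; then
        firewall-cmd --permanent "$@"
    else
        printf 'firewall-cmd --permanent %s\n' "$*"
    fi
}

fw_plan() {
    # Interface zone: every subnet arriving on the interface gets iperf3 only.
    fw --zone="$IFACE_ZONE" --add-port=5201/tcp
    fw --zone="$IFACE_ZONE" --add-port=5201/udp
    # Source zone: a source binding takes precedence over the interface
    # binding, so packets from LAN_SRC are classified here. iperf3 is opened
    # here too rather than relying on fall-through to the interface zone.
    fw --new-zone="$LAN_ZONE"
    fw --zone="$LAN_ZONE" --add-source="$LAN_SRC"
    fw --zone="$LAN_ZONE" --add-service=rsyncd
    fw --zone="$LAN_ZONE" --add-port=5201/tcp
    fw --zone="$LAN_ZONE" --add-port=5201/udp
}

fw_plan
if [ "${APPLY:-0}" = "1" ]; then
    firewall-cmd --reload
fi
```

After applying, `firewall-cmd --get-active-zones` should list `rsynclan` with the source and `public` with the interface.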