Just out of curiosity, I see a lot of people here use Linux IPTables as their firewall.
Anyone here use something else like OpenBSD PF or *BSD IPF, IPFW?
I'm quite fond of OpenBSD and their Packet Filters. I find their syntax much easier to manage and from my personal experience, I find them... (5 Replies)
Would it be possible to restrict access to internet pages in the following way?
A machine:
IP = 128.1.17.123
Only pages from domains of the type "go.jp" and "ne.jp" are viewable. All others are not viewable or only partly viewable.
B machine:
IP = 128.1.17.146
Regardless of the domain... (4 Replies)
If I have a redirect ruleset do I need to allow those ports as well?
I.e., if I have this:
rdr on $ext proto tcp from any to ($ext) port 22 -> 10.0.0.87 port 12345
Do I need this?
pass in on $ext proto tcp from any to ($ext) port 22 (1 Reply)
Hi,
I really do not know how to describe this problem; but, I think it's a firewall
issue. My Distro is Slackware 12.0 (somewhat updated).
My company firewall uses Netfilter and the e-mail server uses Sendmail.
Let's say the firewall's Ext IP = A and Internal DMZ IP = B.
The firewall's... (0 Replies)
Dear All
I have put my windows machine behind my centos firewall server with just one NIC. At now, the windows machine can ping 192.9.9.3 but cannot resolve valid url (like www.google.com). I have set DNS for it as well. Can you please let me know what is the missing step?
Thank you (6 Replies)
Hey Guys,
I am looking for a good firewall software to implement in medium/large office, with at least 150 users.
I was hopping you guys could help me on this one.
Regards, (4 Replies)
Discussion started by: andrevicente
4 Replies
LEARN ABOUT CENTOS
firewalld.conf
FIREWALLD.CONF(5) firewalld.conf FIREWALLD.CONF(5)NAME
firewalld.conf - firewalld configuration file
SYNOPSIS
/etc/firewalld/firewalld.conf
DESCRIPTION
firewalld.conf is loaded by firewalld during the initialization process. The file contains the basic configuration options for firewalld.
OPTIONS
These are the options that can be set in the config file:
DefaultZone
This sets the default zone for connections or interfaces if the zone is not selected or specified by NetworkManager, initscripts or
command line tool. The default zone is public.
MinimalMark
For some firewall settings several rules are needed in different tables to be able to handle packets in the correct way. To achieve
that these packets are marked using the MARK target iptables(8) and ip6tables(8). With the MinimalMark option a block of marks can be
reserved for private use; only marks over this value are used. The default MinimalMark value is 100.
CleanupOnExit
If firewalld stops, it cleans up all firewall rules. Setting this option to no or false leaves the current firewall rules untouched.
The default value is yes or true.
Lockdown
If this option is enabled, firewall changes with the D-Bus interface will be limited to applications that are listed in the lockdown
whitelist (see firewalld.lockdownwhitelist(5)). The default value is no or false.
SEE ALSO firewall-applet(1), firewalld(1), firewall-cmd(1), firewall-config(1), firewalld.conf(5), firewalld.direct(5), firewalld.icmptype(5),
firewalld.lockdown-whitelist(5), firewall-offline-cmd(1), firewalld.richlanguage(5), firewalld.service(5), firewalld.zone(5),
firewalld.zones(5)NOTES
firewalld home page at fedorahosted.org:
http://fedorahosted.org/firewalld/
More documentation with examples:
http://fedoraproject.org/wiki/FirewallD
AUTHORS
Thomas Woerner <twoerner@redhat.com>
Developer
Jiri Popelka <jpopelka@redhat.com>
Developer
firewalld 0.3.9 FIREWALLD.CONF(5)