Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: using firewall to block port
Operating Systems Linux using firewall to block port Post 302299998 by Lordlava on Sunday 22nd of March 2009 09:09:48 PM
Old 03-22-2009
Thanks
I used the above examples and I have got what I needed to work. Thanks.

I could not get the multiple IP adrdresses working or the REJECT line but hopefully I will not need them.

Lordlava
 

10 More Discussions You Might Find Interesting

1. Solaris

How to open SSH port on firewall?

Hi, So that potential responders will have an idea of what they're dealing with let me say that while I am a UNIX newbie I have been in IT for over 10 years. We have several SUN boxes running ver 5 of the OS that have been sitting dormant for some time as they were part of a now defunct... (3 Replies)
Discussion started by: pjewett
3 Replies

2. IP Networking

How to know port is block..

My server is running on a port 16386, in the case when this port is blocked by some other application ( anti virus etc. ) or firewall then how do i know it's block? Is bind will return any specific error in this case. I have to know is it blocked or not? (2 Replies)
Discussion started by: Saurabh78
2 Replies

3. Linux

can ping without firewall; no port 631

Well, since I wrote the below, I've learned a little more about Samba, and got them to at least acknowledge each other. Still can't use Gaurd dog. Still cant print from one to the other. I'm learning I'm learning I recently installed mepis 7 on both my laptop and laptop. (I came... (0 Replies)
Discussion started by: Sonshyne5
0 Replies

4. IP Networking

Is there any way to add an exception for a port in the firewall setting, permanently?

Hello, I want to add a port in the firewall exception list so that my application can be accessed over network even if firewall is disabled. I am using iptables command to add exception. The problem is, after setting the rule if I change the firewall setting i.e. on/off then it is overwriting... (1 Reply)
Discussion started by: senrooy
1 Replies

5. UNIX for Advanced & Expert Users

Linux bridged firewall - monitor traffic & block IP

Hi All, I successfully configured a DEBIAN Lenny bridged firewall using ebtables. The bridged interface is br0. The ethernet interface are eth0 & eth1 respectively. All the traffic are transparently passing my firewall but i need to find & block temporarily the bandwidth abusers. Can... (1 Reply)
Discussion started by: coolatt
1 Replies

6. UNIX for Dummies Questions & Answers

Rsync port and firewall

hi guys I doing some collocation for a customer, customer requested to use other port for ssh not the default one. OK no problem and customer will be using rsync to sync backups among other things I know we have to open port let's say port 5999 for ssh since we are using that one now but I... (1 Reply)
Discussion started by: karlochacon
1 Replies

7. UNIX for Dummies Questions & Answers

iptables rule to block access from VM Browser to Firewall Login Page

(1 Reply)
Discussion started by: senrabdet
1 Replies

8. Shell Programming and Scripting

Good way to check firewall port on Linux centos 7

Hi, I need to know what kind of firewall settings does the linux box have? Is port 25 blocked in any way? Linux techx 3.10.0-514.10.2.el7.x86_64 #1 SMP Fri Mar 3 00:04:05 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux I'm coming from this thread. (1 Reply)
Discussion started by: mohtashims
1 Replies

9. Shell Programming and Scripting

How to check the IP:PORT firewall uses?

I have my firewall process running # ps -ef | grep firewall root 21169 1 0 08:50 ? 00:00:00 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid I wish to know what ip : port number it is using. Can you please tell me how can i find out ? I tried the below command... (4 Replies)
Discussion started by: mohtashims
4 Replies

10. Shell Programming and Scripting

Unable to open firewall port for external traffic.

Below is what i did to open the firewall port on # sudo firewall-cmd --zone=public --add-port=27012/tcp --permanent Warning: ALREADY_ENABLED: 27012:tcp success # sudo firewall-cmd --reload success # firewall-cmd --list-all public target: default icmp-block-inversion: no ... (10 Replies)
Discussion started by: mohtashims
10 Replies

LEARN ABOUT CENTOS

firewalld.zones

FIREWALLD.ZONES(5)						  firewalld.zones						FIREWALLD.ZONES(5)

NAME

       firewalld.zones - firewalld zones

DESCRIPTION

   What is a zone?
       A network zone defines the level of trust for network connections. This is a one to many relation, which means that a connection can only
       be part of one zone, but a zone can be used for many network connections.

       The zone defines the firewall features that are enabled in this zone:

       Predefined services
	   A service is a combination of port and/or protocol entries. Optionally netfilter helper modules can be added and also a IPv4 and IPv6
	   destination address.

       Ports and protocols
	   Definition of tcp or udp ports, where ports can be a single port or a port range.

       ICMP blocks
	   Blocks selected Internet Control Message Protocol (ICMP) messages. These messages are either information requests or created as a reply
	   to information requests or in error conditions.

       Masquerading
	   The addresses of a private network are mapped to and hidden behind a public IP address. This is a form of address translation.

       Forward ports
	   A forward port is either mapped to the same port on another host or to another port on the same host or to another port on another
	   host.

       Rich language rules
	   The rich language extends the elements (service, port, icmp-block, masquerade and forward-port) with additional source and destination
	   addresses, logging, actions and limits for logs and actions. It can also be used for host or network white and black listing (for more
	   information, please have a look at firewalld.richlanguage(5)).

       For more information on the zone file format, please have a look at firewalld.zone(5).

   Which zones are available?
       Here are the zones provided by firewalld sorted according to the default trust level of the zones from untrusted to trusted:

       drop
	   Any incoming network packets are dropped, there is no reply. Only outgoing network connections are possible.

       block
	   Any incoming network connections are rejected with an icmp-host-prohibited message for IPv4 and icmp6-adm-prohibited for IPv6. Only
	   network connections initiated within this system are possible.

       public
	   For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections
	   are accepted.

       external
	   For use on external networks with masquerading enabled especially for routers. You do not trust the other computers on networks to not
	   harm your computer. Only selected incoming connections are accepted.

       dmz
	   For computers in your demilitarized zone that are publicly-accessible with limited access to your internal network. Only selected
	   incoming connections are accepted.

       work
	   For use in work areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections
	   are accepted.

       home
	   For use in home areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections
	   are accepted.

       internal
	   For use on internal networks. You mostly trust the other computers on the networks to not harm your computer. Only selected incoming
	   connections are accepted.

       trusted
	   All network connections are accepted.

   Which zone should be used?
       A public WIFI network connection for example should be mainly untrusted, a wired home network connection should be fairly trusted. Select
       the zone that best matches the network you are using.

   How to configure or add zones?
       To configure or add zones you can either use one of the firewalld interfaces to handle and change the configuration: These are the
       graphical configuration tool firewall-config, the command line tool firewall-cmd or the D-BUS interface. Or you can create or copy a zone
       file in one of the configuration directories.  /usr/lib/firewalld/zones is used for default and fallback configurations and
       /etc/firewalld/zones is used for user created and customized configuration files.

   How to set or change a zone for a connection?
       The zone is stored into the ifcfg of the connection with ZONE=option. If the option is missing or empty, the default zone set in firewalld
       is used.

       If the connection is controlled by NetworkManager, you can also use nm-connection-editor to change the zone.

SEE ALSO

       firewall-applet(1), firewalld(1), firewall-cmd(1), firewall-config(1), firewalld.conf(5), firewalld.direct(5), firewalld.icmptype(5),
       firewalld.lockdown-whitelist(5), firewall-offline-cmd(1), firewalld.richlanguage(5), firewalld.service(5), firewalld.zone(5),
       firewalld.zones(5)

NOTES

       firewalld home page at fedorahosted.org:
	   http://fedorahosted.org/firewalld/

       More documentation with examples:
	   http://fedoraproject.org/wiki/FirewallD

AUTHORS

       Thomas Woerner <twoerner@redhat.com>
	   Developer

       Jiri Popelka <jpopelka@redhat.com>
	   Developer

firewalld 0.3.9 														FIREWALLD.ZONES(5)
All times are GMT -4. The time now is 08:12 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy