Firewall and SELINUX - RHCSA
Anlagen:
- yum list installed | egrep "iptables|firewalld"
- IPTABLES
- cat /etc/sysconfig/iptables
- iptables -L
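- iptables -F (flushes every rule in the filter table; chain default policies are not changed, so check them with iptables -L before flushing)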
- iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
- iptables -A OUTPUT -p icmp -j DROP
- iptables -I INPUT -m state --state NEW,ESTABLISHED -p tcp --dport 25 -j DROP
- iptables -A FORWARD -d 192.168.0.0/24 -j ACCEPT
- service iptables save
- iptables-save > /iptablesbkp
- iptables-restore < /iptablesbkp
- systemctl enable firewalld
- systemctl start firewalld
- Firewalld
- ll /usr/lib/firewalld
- ll /etc/firewalld
- firewall-cmd
- --state
- --reload
- --permanent
- --get-default-zone
- --get-services
- --list-all
- --list-services
- --add-service
- --remove-service
- --query-service
- --list-ports
- --add-port
- --remove-port
- --query-port
- --list-forward-ports
- --add-forward-port
- --remove-forward-port
- --query-forward-port
- --list-interfaces
- --add-interface
- --remove-interface
- --query-interface
- RULES
- firewall-cmd --get-default-zone
- firewall-cmd --permanent --add-service=http
- firewall-cmd --reload
- firewall-cmd --add-port=443/tcp (runtime only: without --permanent the port is removed at the next --reload or service restart)
- firewall-cmd --permanent --add-port=59001-59010/tcp ; firewall-cmd --reload
- firewall-cmd --list-services
- firewall-cmd --list-ports
- iptables -L -n
Anmerkungen:
- firewall-cmd --state
- firewall-cmd --permanent --remove-service=http
- firewall-cmd --reload