User Tools

Site Tools


firewalld

Firewalld

Another package to manage another package… welcome to new world … :D
Anyway but server need to keep rolling !!

Replace firewalld with iptables

This is tested with the RHEL7

yum install -y iptables-services
iptables-save > /etc/sysconfig/iptables  # preserve existing rule
systemctl stop firewalld
systemctl mask firewalld
systemctl enable iptables
systemctl enable ip6tables
systemctl start iptables
systemctl start ip6tables

Adding rich rule

firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address="192.168.12.0/25"
  port protocol="tcp" port="9200" accept'

Port redirection

Using following command one can redirect port traffic to another.

# iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 8080 -j REDIRECT --to-port 8443
firewall-cmd --permanent --direct --add-rule ipv4 nat OUTPUT 0 -p tcp -o lo --dport 8080 -j REDIRECT --to-ports 8443
firewalld.txt · Last modified: 2019/05/01 11:12 by k2patel