This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
firewalld [2018/08/08 13:23] k2patel created |
firewalld [2020/08/10 02:35] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Firewalld ====== | ====== Firewalld ====== | ||
- | Another package to manage another package... welcome to new world ... :D | + | Another package to manage another package... welcome to new world ... :D\\ |
Anyway but server need to keep rolling !! | Anyway but server need to keep rolling !! | ||
+ | |||
+ | ==== Replace firewalld with iptables ==== | ||
+ | This is tested with the RHEL7 | ||
+ | <code bash> | ||
+ | yum install -y iptables-services | ||
+ | iptables-save > /etc/sysconfig/iptables # preserve existing rule | ||
+ | systemctl stop firewalld | ||
+ | systemctl mask firewalld | ||
+ | systemctl enable iptables | ||
+ | systemctl enable ip6tables | ||
+ | systemctl start iptables | ||
+ | systemctl start ip6tables | ||
+ | </code> | ||
==== Adding rich rule ==== | ==== Adding rich rule ==== | ||
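Review bot: In the added "Replace firewalld with iptables" block only the IPv4 ruleset is saved (`iptables-save > /etc/sysconfig/iptables`), yet `ip6tables` is enabled and started as well, so IPv6 comes up with whatever /etc/sysconfig/ip6tables already contains rather than the rules that were live. Add a matching `ip6tables-save > /etc/sysconfig/ip6tables` before `systemctl stop firewalld`. The dump is also taken while firewalld is still running, so the saved file carries firewalld's generated chains; the text should say to review the file before it becomes the permanent ruleset. Finally, firewalld removes its rules when it stops, and `systemctl start iptables` only comes four commands later; moving the two `start` lines directly after the stop shortens the window in which no rules are loaded.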
Line 12: | Line 25: | ||
source address="192.168.12.0/25" | source address="192.168.12.0/25" | ||
port protocol="tcp" port="9200" accept' | port protocol="tcp" port="9200" accept' | ||
+ | </code> | ||
+ | |||
+ | ==== Port redirection ==== | ||
+ | Using following command one can redirect port traffic to another. | ||
+ | <code bash> | ||
+ | # iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 8080 -j REDIRECT --to-port 8443 | ||
+ | firewall-cmd --permanent --direct --add-rule ipv4 nat OUTPUT 0 -p tcp -o lo --dport 8080 -j REDIRECT --to-ports 8443 | ||
</code> | </code> |
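Review bot: The commented iptables line and the `firewall-cmd` line in "Port redirection" are not equivalent. The comment redirects inbound traffic in `PREROUTING -i eth2`, while the direct rule is placed in `nat OUTPUT` with `-o lo`, which matches only locally generated connections leaving via loopback. Connections arriving on eth2 for port 8080 are not redirected by the rule as written. State which case the section covers, or give the PREROUTING form of the direct rule if inbound traffic is meant. Also, `--permanent` only writes the configuration, so the section should mention that `firewall-cmd --reload` is needed before the rule takes effect.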