mirror of
https://github.com/mikaela/mikaela.github.io/
synced 2024-11-26 06:19:33 +01:00
parent
1025ad4f9c
commit
49b25ecf13
55
n/firewalld.md
Normal file
55
n/firewalld.md
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
---
|
||||||
|
layout: null
|
||||||
|
permalink: /n/firewalld.html
|
||||||
|
redirect_from:
|
||||||
|
- /n/firewall-cmd.html
|
||||||
|
sitemap: false
|
||||||
|
---
|
||||||
|
|
||||||
|
# Quick note on firewalld usage
|
||||||
|
|
||||||
|
This is practically [/ufw](/ufw), but fore Firewalld which Fedora comes with.
|
||||||
|
The blog post also predates me having a /n directory here.
|
||||||
|
|
||||||
|
**_After done, run `sudo firewall-cmd --reload`_**
|
||||||
|
|
||||||
|
<!-- editorconfig-checker-disable -->
|
||||||
|
<!-- prettier-ignore-start -->
|
||||||
|
|
||||||
|
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
|
||||||
|
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
|
||||||
|
|
||||||
|
- [Zones](#zones)
|
||||||
|
- [Services](#services)
|
||||||
|
- [Ports](#ports)
|
||||||
|
|
||||||
|
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
|
||||||
|
|
||||||
|
<!-- prettier-ignore-end -->
|
||||||
|
<!-- editorconfig-checker-enable -->
|
||||||
|
|
||||||
|
## Zones
|
||||||
|
|
||||||
|
firewalld zones are privilege of NetworkManager users, this tends to be
|
||||||
|
a systemd-networkd household. Then again I don't believe in absolutely trusted
|
||||||
|
zones.
|
||||||
|
|
||||||
|
Zone would be specified by `--zone=home` in the commands. The other zone I
|
||||||
|
could imagine using is `public`.
|
||||||
|
|
||||||
|
## Services
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo firewall-cmd --add-service=mosh --permanent
|
||||||
|
```
|
||||||
|
|
||||||
|
## Ports
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# TODO: Don't do this, this is a ppor example.
|
||||||
|
# firewalld surely recognises 631 as a service of some name,
|
||||||
|
# and as noted before, --zone won't work on my systems.
|
||||||
|
sudo firewall-cmd --zone=home --permanent --add-port=631/tcp
|
||||||
|
```
|
||||||
|
|
||||||
|
- 631/tcp is used by cups.
|
Loading…
Reference in New Issue
Block a user