Search found 13 matches

by eitancaspi
2020/05/20 08:31:39
Forum: CentOS 7 - Security Support
Topic: Version upgrade
Replies: 6
Views: 438

Re: Version upgrade

Got it. Thanks!
by eitancaspi
2020/05/14 14:34:21
Forum: CentOS 7 - Security Support
Topic: Version upgrade
Replies: 6
Views: 438

Re: Version upgrade

OK, thanks.
by eitancaspi
2020/05/14 14:22:53
Forum: CentOS 7 - Security Support
Topic: Version upgrade
Replies: 6
Views: 438

Re: Version upgrade

Thanks.

Well, I'm the only admin of my server and I like to use "greatest and latest"... I will think of it.

And what is the difference between the 0.7.x branch and the 0.8.x one?
by eitancaspi
2020/05/14 13:56:45
Forum: CentOS 7 - Security Support
Topic: Version upgrade
Replies: 6
Views: 438

Version upgrade

Hi, I use CentOS 7 and it has version 0.6.3 of firewalld. Trying to yum update it gets a reply that there are no upgrade packages. Is there any reason not to move to a newer version (with a manual upgrade from the firewalld site, https://firewalld.org/download/all.html)? Also, if upgrading, I see two ...
by eitancaspi
2020/05/14 13:21:38
Forum: CentOS 7 - Security Support
Topic: Cannot see logs of allowed traffic
Replies: 0
Views: 201

Cannot see logs of allowed traffic

Hi, I use firewalld 0.6.3 on CentOS 7. I have one active zone, public, whose target is DROP, and its config is:

  target: DROP
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services:
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:

There are a few rich rules of only all...
by eitancaspi
2020/05/11 14:14:04
Forum: CentOS 7 - Security Support
Topic: Rich rule is added with "success" but does not shown eventually in the configuration
Replies: 2
Views: 206

Re: Rich rule is added with "success" but does not shown eventually in the configuration

Thanks Thraex!

I feel so stupid!... :(

I had so much trouble finding the correct syntax to mention a destination port that when I finally found the correct way, I forgot to add the permanent directive... I need a vacation...

Yes, of course, now it works...

Thanks!
by eitancaspi
2020/05/11 13:48:56
Forum: CentOS 7 - Security Support
Topic: Rich rule is added with "success" but does not shown eventually in the configuration
Replies: 2
Views: 206

Rich rule is added with "success" but does not shown eventually in the configuration

Hi, I use the latest CentOS 7 and the latest firewalld. I have a strange situation where, when I add a rich rule, the OS shows "success", I reload firewalld, but then the rule is missing when I run "firewall-cmd --info-zone=public"... it is also not found in the relevant zone file (public.xml). The rule is as fo...
by eitancaspi
2020/02/27 09:34:16
Forum: CentOS 7 - Security Support
Topic: Firewalld zone sources behavior
Replies: 9
Views: 415

Re: Firewalld zone sources behavior

Thanks for the detailed explanation.
Well, I didn't try what you offered, but currently it looks too complex for me to achieve what I need with my current network design, but I will remember this for future needs.
Thank you!!
by eitancaspi
2020/02/26 22:34:19
Forum: CentOS 7 - Security Support
Topic: Firewalld zone sources behavior
Replies: 9
Views: 415

Re: Firewalld zone sources behavior

Your linked article says what I said: "When a zone processes a packet due to its source or interface, but there is no rule that explicitly handles the packet, the target of the zone determines the behavior: ACCEPT: accept the packet. %%REJECT%%: reject the packet, returning a reject reply. DROP: drop...
by eitancaspi
2020/02/26 22:32:00
Forum: CentOS 7 - Security Support
Topic: Firewalld zone sources behavior
Replies: 9
Views: 415

Re: Firewalld zone sources behavior

I see your point, per the link you shared - "An active zone is any zone that is configured with an interface and/or a source".

But I have only one interface, which is assigned only to one zone, "public", so I think I have a very simple config.
Why do you think I should/must have two zones?
