Search found 13 matches
- 2023/05/24 08:38:27
- Forum: 8 /8-Stream / 9-Stream - Security Support
- Topic: Configure Suricata IPS Mode with Nftables firewall rule
- Replies: 0
- Views: 171
Configure Suricata IPS Mode with Nftables firewall rule
Dear all forumers, I have configured my CentOS 9 Stream to implement IPS with Suricata. Everything runs perfectly except the traffic is not directed to nftables yet. These are my nftables firewall rules. /etc/sysconfig/nftables.config table inet filter { chain input { type filter hook input priority 0; p...
- 2023/03/13 02:37:44
- Forum: 8 /8-Stream / 9-Stream - Security Support
- Topic: iptables INPUT Chain default policy
- Replies: 11
- Views: 1008
Re: iptables INPUT Chain default policy
Please tell me how to do it rather than asking me to read some documentation. Questions: Back up the current ruleset and flush the current ruleset? Can you tell me how to load the nft ruleset into the kernel temporarily and load the nft config file permanently? I'm using the firewall rules below. https://wi...
- 2023/03/11 22:18:55
- Forum: 8 /8-Stream / 9-Stream - Security Support
- Topic: iptables INPUT Chain default policy
- Replies: 11
- Views: 1008
Re: iptables INPUT Chain default policy
1. In firewall-cmd, we can make runtime-to-permanent; is there any such feature in nftables? I want to test the firewall rules first before making them permanent. If yes, what command? The firewalld has its config stored in files. The service reads the config from files to memory (runtime) on boot (and on som...
- 2023/03/11 09:47:10
- Forum: 8 /8-Stream / 9-Stream - Security Support
- Topic: Change Security Profiles
- Replies: 3
- Views: 294
Re: Change Security Profiles
man update-crypto-policies Do you recommend that I input this command: update-crypto-policies --set FUTURE? I worry things will break, such as installing software. I had tried to install CentOS with advanced security profiles and I cannot use the sudo command - can only log in as su, trigger software install error...
- 2023/03/11 09:39:13
- Forum: 8 /8-Stream / 9-Stream - Security Support
- Topic: iptables INPUT Chain default policy
- Replies: 11
- Views: 1008
Re: iptables INPUT Chain default policy
There are two semi-related things in what you see. One is the nftables syntax. It differs from iptables syntax. One can read the description of syntax: https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes Or look at examples: https://linux-audit.com/nftables-begi...
- 2023/03/11 09:37:24
- Forum: 8 /8-Stream / 9-Stream - Networking Support
- Topic: Difficult connect to WiFI Enterprise
- Replies: 5
- Views: 597
Re: Difficult connect to WiFI Enterprise
error 691 "The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server" I'm sure that the username and password input is correct. The authentication protocol is PE...
- 2023/03/09 09:04:22
- Forum: 8 /8-Stream / 9-Stream - Security Support
- Topic: Change Security Profiles
- Replies: 3
- Views: 294
Re: Change Security Profiles
Anyone, please help me. I did not find anything from a Google search.
- 2023/03/09 08:48:31
- Forum: 8 /8-Stream / 9-Stream - Security Support
- Topic: iptables INPUT Chain default policy
- Replies: 11
- Views: 1008
Re: iptables INPUT Chain default policy
First, you can look at what firewalld does for you with: nft list ruleset If you are not happy with that and can't find a way to tell the firewalld to do what you desire, then disable the firewalld.service, enable the nftables.service, and write a ruleset that you think is better. However, do rem...
- 2023/03/08 06:57:06
- Forum: 8 /8-Stream / 9-Stream - Networking Support
- Topic: Difficult connect to WiFI Enterprise
- Replies: 5
- Views: 597
Difficult connect to WiFI Enterprise
Dear All, I'm using CentOS 9 Stream and I need to connect to my company network, which is WiFi Enterprise. I followed the Ubuntu forum, which set up a file /etc/NetworkManager/system-connections/SriPentas-0fbafd7a-1fe7-4559-a1ba-a30f98383acc.nmconnection [connection] id=SriPentas uuid=0fbafd7a-1fe7-4559-a1ba-a30f9...
- 2023/03/04 23:34:38
- Forum: 8 /8-Stream / 9-Stream - Security Support
- Topic: iptables INPUT Chain default policy
- Replies: 11
- Views: 1008
Re: iptables INPUT Chain default policy
First, there is no iptables. The kernel has now nftables. Second, the firewall rules are by default managed by FirewallD and firewalld's default is to: 1. Allow outgoing traffic 2. Reject routed traffic 3. All incoming traffic is in zone 'public' The zone public has rules: 1. Allow incoming new con...