Search found 16 matches

by kauer
2020/05/03 14:42:37
Forum: CentOS 8 - Security Support
Topic: firewalld - what's really going on?
Replies: 9
Views: 792

Re: firewalld - what's really going on?

Whoa! Well, I'm very new to CentOS8 generally and firewalld specifically. I didn't want to put the boot in too far as a newbie.

I found the abstraction reasonably straightforward,but I haven't had to dive too deep yet. BTW are you talking about firewalld or nf_tables? Or both?

Regards, K.
by kauer
2020/05/03 14:14:05
Forum: CentOS 8 - Security Support
Topic: firewalld - what's really going on?
Replies: 9
Views: 792

Re: firewalld - what's really going on?

If you want to limit outgoing traffic and/or have a "real router" between multiple subnets, then you probably should already know what it takes under the hood and hence can cope without the hood too. That is becoming obvious :-( I was hoping to get away without having to learn the not-very-friendly...
by kauer
2020/05/03 13:32:15
Forum: CentOS 8 - Networking Support
Topic: Firewalld Blocking RELATED,ESTABLISHED Inbound Since Update
Replies: 47
Views: 3063

Re: Firewalld Blocking RELATED,ESTABLISHED Inbound Since Update

Oh man, I feel your pain :-)

On the up side, this thread has been really helpful, my thanks to all contributors!

Maybe someone could confirm or deny this: Is it not possible to simply install iptables (the real iptables]) and go back to the good old days?

Regards, K.
by kauer
2020/05/03 11:28:40
Forum: CentOS 8 - Security Support
Topic: firewalld - what's really going on?
Replies: 9
Views: 792

Re: firewalld - what's really going on?

Thanks for the pointers. The referenced article (thanks, scottro) was an interesting read, but it doesn't discuss the nitty gritty at all. Thanks, jlehtone, for confirming my theory that while iptables was definitely under the hood in CentOS7, it is definitely NOT what's underneath firewalld in Cent...
by kauer
2020/05/03 08:48:00
Forum: CentOS 8 - Security Support
Topic: running script with sudo permission
Replies: 6
Views: 887

Re: running script with sudo permission

The biggest pitfall of all is leaving the script so that non-root users can change it. Make sure it is executable only by root. Make sure it is writeable only by root. Preferably make it READABLE only by root. Specify absolute paths to every executable used within the script. If the script takes par...
by kauer
2020/05/03 08:16:44
Forum: CentOS 8 - Security Support
Topic: firewalld - what's really going on?
Replies: 9
Views: 792

firewalld - what's really going on?

I'm very new to CentOS8. It was imposed on us for a project, but I'm liking it so far. I've got virtuals running (CentOS8 guests on a CentOS8 KVM+QEMU hypervisor) and it's all looking pretty good. Now I need to set up suitable packet filters. firewalld seems to be the preferred method. Abstraction i...

Go to advanced search