Hi,
I am logged in to a remote server, which is running CentOS 7.9. I can launch firewall-config without sudo. (Obviously, that's not very helpful, because it won't get any connection to firewalld, but it should indicate, that my X11 related setup is alright.)
What I can't do, is
[jwi@daehgcs63815 ~]$ firewall-config
[jwi@daehgcs63815 ~]$ sudo firewall-config
X11 connection rejected because of wrong authentication.
X11 connection rejected because of wrong authentication.
X11 connection rejected because of wrong authentication.
(firewall-config:25260): Gtk-WARNING **: 17:26:25.226: cannot open display: localhost:10.0
Is there any possibility to make either of these commands working? (For example, launch firewall-config without X11, or make firewalld accessable without sudo.)
Thanks,
Jochen
firewall-config-tui
Re: firewall-config-tui
Don't have an answer for the question you asked but you could bypass the problem by using firewall-cmd instead.
Disclaimer: I hate firewalld and would not use it if paid!
Disclaimer: I hate firewalld and would not use it if paid!
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: firewall-config-tui
Sneaky Red Hat did backport nf-tables into el7 kernel around el7_4. One has thus
firewalld.service, nftables.service, and iptables.service to choose from.
The question is though, how does the el7 version of fail2ban operate?
Does it know even the firewalld, or does it still use iptables directly?
In /etc/fail2ban/jail.d/00-firewalld.conf:
With that package/config fail2ban does use FirewallD rich rules.
By content of /etc/fail2ban/action.d/ it might know nftables too, and the
default jail.conf seems to use iptables directly.
Besides, CentOS 7 does not "supply fail2ban". EPEL does.
firewalld.service, nftables.service, and iptables.service to choose from.
The question is though, how does the el7 version of fail2ban operate?
Does it know even the firewalld, or does it still use iptables directly?
In /etc/fail2ban/jail.d/00-firewalld.conf:
Code: Select all
# This file is part of the fail2ban-firewalld package to configure the use of
# the firewalld actions as the default actions. You can remove this package
# (along with the empty fail2ban meta-package) if you do not use firewalld
[DEFAULT]
banaction = firewallcmd-rich-rules[actiontype=<multiport>]
banaction_allports = firewallcmd-rich-rules[actiontype=<allports>]
By content of /etc/fail2ban/action.d/ it might know nftables too, and the
default jail.conf seems to use iptables directly.
Thus answer to @Whoever is: no, does not require, and yes, there is a way.
Besides, CentOS 7 does not "supply fail2ban". EPEL does.
Re: firewall-config-tui
There's a fail2ban-firewalld package in EPEL7...
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke