Hi; sorry for my bad english (spanish and french help are welcome!)
On my school we have and old Centos 5.8 with a system to prevent not allowed to the wireless, wich is dhcp server. This system was created by the old manager, never more working here. It creates a list of fixed ip associated to an mac-adress; if no match, no connection! Great job! This system creates a lot of iptables rules like this one, using an script:
$IPTABLES -A INPUT -m mac --mac-source c4:17:fe:b3:ae:75 -s 192.168.2.247 -i $ETH_WIFI -j ACCEPT
Question1: how to recreate this rules with firewall-cmd?
And if possible, is there another system to make te same control?
Thanks a lot.
PS: I am not an expert, as you can suppose. Thank you.
firewall-cmd rules conversion
Re: firewall-cmd rules conversion
You don't have to use firewalld on CentOS 7, you can disable it and install the iptables service and use that instead.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: firewall-cmd rules conversion
Thanks for the reply. I have read about this solution, but I'm very confused because in many places are saying that this is not convenient..I have read that use iptables instead is simply...
I don't know what to do!
I don't know what to do!
Re: firewall-cmd rules conversion
Yes but if your current solution is based around using iptables directly then firewalld is going to need a huge conversion effort so just removing it and using the old style iptables service will fix that issue.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: firewall-cmd rules conversion
So, it will be any problem in the future with new releases? Iptables will be allways there in Centos?
Re: firewall-cmd rules conversion
I can't make promises about what will in future releases because only Redhat knows. However, since firewalld is only a front-end to iptables in the first place and manipulates and controls the running rules, I suspect it would be difficult to remove iptables without also breaking firewalld!
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: firewall-cmd rules conversion
OK, thanks for your help, will remove firewalld and try.
Ciao
Ciao