Problems after updating the system

Issues related to applications and software problems and general support
skveen
Posts: 12
Joined: 2013/09/01 12:31:41

Problems after updating the system

Post by skveen » 2019/12/25 14:41:05

After updating from 6.10 to 8.01905,
copying the firewall scripts and VPN configuration files from the old system to the new system doesn't work:
the internal network cannot access the Internet, and the external network cannot access the local VPN service.
SELinux is closed.

These configurations work fine on older systems.
So I think the problem should come from the system.
If I can't solve it tomorrow, I will switch to Debian.

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria

Re: Problems after updating the system

Post by hunter86_bg » 2019/12/25 15:37:27

You are saying you are trying to switch from CentOS 6 to CentOS 8 and stuff is not working ... What a surprise.
You should have checked that RHEL 8 / CentOS 8 is using nftables and the 'iptables' command is just a 'translator' which might not deal OK with older syntax.

Either recreate your rules from scratch in firewalld (if possible) or in nftables, or switch to another distro.

jlehtone
Posts: 4532
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Problems after updating the system

Post by jlehtone » 2019/12/25 16:39:54

skveen wrote (2019/12/25 14:41:05):
> These configurations work fine on older systems.
> So I think the problem should come from the system

Riding a horse works fine with a horse, but riding a bike requires different movements. That is not the fault of the bike.


Putting the external interface into firewall zone 'external' and keeping the internal interface in zone 'public' should at least enable routing (aka IP forwarding) and enable masquerade (aka NAT) on the external interface. I don't remember whether the forward filter allows traffic from public to external. Trusted to external is definitely routed.

If firewalld already defines "service vpn" that opens correct ports, then add that service to the external zone. If not, then define such service first.

Red Hat has extensive documentation for RHEL 8. Most of it applies to CentOS 8.


Are you familiar with Debian? According to Wikipedia all supported versions of Debian use nftables. Even if not true, there is surely as much to convert as there is to CentOS 8. It is up to you which distro you want to learn properly.
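
The zone layout described in the post above, written out as firewall-cmd steps. This is an added example, not part of the original thread; the interface names (eth0, eth1), the service name site-vpn and the port 1194/udp are assumptions to be replaced with the real values.

```shell
#!/bin/sh
# Added example. Dry-run by default (prints commands); APPLY=1 runs them as root.
# Assumed values, not from the thread: interface names, service name, VPN port.
EXT_IF="${EXT_IF:-eth0}"          # assumed Internet-facing interface
INT_IF="${INT_IF:-eth1}"          # assumed LAN interface
VPN_SVC="${VPN_SVC:-site-vpn}"    # hypothetical firewalld service name
VPN_PORT="${VPN_PORT:-1194/udp}"  # assumed listener, format PORT/PROTO

# Accept only NUMBER/tcp or NUMBER/udp with NUMBER in 1..65535.
valid_port() {
    num=${1%/*}; proto=${1#*/}
    case "$num" in ''|*[!0-9]*) return 1 ;; esac
    { [ "$num" -ge 1 ] && [ "$num" -le 65535 ]; } 2>/dev/null || return 1
    case "$proto" in tcp|udp) return 0 ;; *) return 1 ;; esac
}

# Run firewall-cmd, or just print the command line in dry-run mode.
fw() {
    if [ "${APPLY:-0}" = 1 ]; then firewall-cmd "$@"; else echo "firewall-cmd $*"; fi
}

# True if the permanent config already defines the service (always false in dry-run).
service_exists() {
    [ "${APPLY:-0}" = 1 ] || return 1
    firewall-cmd --permanent --get-services | tr ' ' '\n' | grep -qx "$1"
}

configure() {
    valid_port "$VPN_PORT" || { echo "bad port spec: $VPN_PORT" >&2; return 2; }
    # Zone assignment as described in the post: WAN -> external, LAN -> public.
    fw --permanent --zone=external --change-interface="$EXT_IF" || return 1
    fw --permanent --zone=public --change-interface="$INT_IF" || return 1
    # The stock external zone already masquerades; this makes it explicit.
    fw --permanent --zone=external --add-masquerade || return 1
    # Define the VPN service only if firewalld does not already have it.
    if ! service_exists "$VPN_SVC"; then
        fw --permanent --new-service="$VPN_SVC" || return 1
        fw --permanent --service="$VPN_SVC" --add-port="$VPN_PORT" || return 1
    fi
    fw --permanent --zone=external --add-service="$VPN_SVC" || return 1
    fw --reload || return 1
    # Review the result: expect masquerade on external and the VPN service listed.
    fw --zone=external --list-all
    fw --zone=public --list-all
}

configure
```

The post leaves open whether traffic from public is forwarded to external, so after applying, check the two `--list-all` outputs and test from a host on the internal network.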

skveen
Posts: 12
Joined: 2013/09/01 12:31:41

Re: Problems after updating the system

Post by skveen » 2019/12/26 11:31:36

Yes, you are right.

Thanks.

BShT
Posts: 585
Joined: 2019/10/09 12:31:40

Re: Problems after updating the system

Post by BShT » 2019/12/26 12:01:15

Build a sandbox and validate your confs.

skveen
Posts: 12
Joined: 2013/09/01 12:31:41

Re: Problems after updating the system

Post by skveen » 2019/12/27 10:50:50

BShT wrote (2019/12/26 12:01:15):
> build a sand box and validate your confs

Yes, I am doing that.
Thanks.
firewalld is more interesting than iptables.
