Problems after updating the system

Issues related to applications and software problems and general support
Post Reply
skveen
Posts: 12
Joined: 2013/09/01 12:31:41

Problems after updating the system

Post by skveen » 2019/12/25 14:41:05

After updating from 6.10 to 8.01905
Copying scripts of firewall and vpn configuration files from old system to new system doesn't work:
The internal network cannot access the Internet, and the external network cannot access the local VPN service
selinux is closed

These configurations work fine on older systems.
So I think the problem should come from the system
If can't solve it tomorrow, will switch to debian.

hunter86_bg
Posts: 2011
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: Problems after updating the system

Post by hunter86_bg » 2019/12/25 15:37:27

You are saying you are trying to switch from CentOS 6 to CentOS 8 and stuff is not working ... What a surprise.
You should have checked that RHEL 8/ CentOS 8 is using nftables and the 'iptables' command is just a 'translator' which might not deal OK with older syntax.

Either recreate your rules from scratch in firewalld (if possible) or in nftables , or switch to another distro.

User avatar
jlehtone
Posts: 2603
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Problems after updating the system

Post by jlehtone » 2019/12/25 16:39:54

skveen wrote:
2019/12/25 14:41:05
These configurations work fine on older systems.
So I think the problem should come from the system
Riding a horse works fine with a horse, but riding a bike requires different movements. That is not the fault of the bike.


Putting the external interface into firewall zone 'external' and keeping internal interface on zone 'public' should at least enable routing (aka ip forwarding) and enable masquerade (aka NAT) on the external interface. I don't remember, whether forward filter allows traffic from public to external. Trusted to external is definitely routed.

If firewalld already defines "service vpn" that opens correct ports, then add that service to the external zone. If not, then define such service first.

Red Hat has extensive documentation for RHEL 8. Most of it applies to CentOS 8.


Are you familiar with Debian? According to wikipedia all supported versions of Debian use nftables. Even if not true, there is surely as much to convert as there is to CentOS 8. It is up to you, which distro you want to learn properly.

skveen
Posts: 12
Joined: 2013/09/01 12:31:41

Re: Problems after updating the system

Post by skveen » 2019/12/26 11:31:36

yes .you are right.

thanks

BShT
Posts: 178
Joined: 2019/10/09 12:31:40

Re: Problems after updating the system

Post by BShT » 2019/12/26 12:01:15

build a sand box and validate your confs

skveen
Posts: 12
Joined: 2013/09/01 12:31:41

Re: Problems after updating the system

Post by skveen » 2019/12/27 10:50:50

BShT wrote:
2019/12/26 12:01:15
build a sand box and validate your confs
yes ,i am doing
thinks.
firewalld is more interesting than iptables

Post Reply

Return to “CentOS 8 - General Support”