Thursday, June 24, 2021

Persist firewall changes (iptables) on Red Hat 7 across restarts?

Persist iptables redhat 7 ?


https://access.redhat.com/webassets/avalon/d/Red_Hat_Enterprise_Linux-7-Security_Guide-en-US/images/eee9192950e07b21f5c95b3ced63ae09/RHEL_Security-Guide_453350_0717_ECE_firewalld-comparison-rhel7.png

https://www.thegeekdiary.com/centos-rhel-how-to-make-iptable-rules-persist-across-reboots/

[IMPORTANT]

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-using_firewalls#sec-Getting_started_with_firewalld


https://www.digitalocean.com/community/tutorials/how-to-use-systemctl-to-manage-systemd-services-and-units

https://serverfault.com/questions/708728/iptables-not-starting-upon-reboot

https://www.tecmint.com/linux-firewall-iptables-interview-questions-and-answers/    [IMP]

https://www.digitalocean.com/community/tutorials/how-to-configure-a-linux-service-to-start-automatically-after-a-crash-or-reboot-part-1-practical-examples

https://linuxconfig.org/how-to-change-a-runlevel-on-rhel-7-linux-system


The iptables configuration is typically stored in '/etc/sysconfig/iptables', whereas the firewalld configuration is stored under '/etc/firewalld/' as a set of XML files.


EDIT

/etc/firewalld/zones/public.xml


sudo systemctl status firewalld

sudo /sbin/service iptables status

sudo /sbin/service iptables save

sudo less /etc/sysconfig/iptables

sudo iptables -S

sudo iptables -A IN_public_allow -p tcp -m tcp --dport 27017 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT


-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT

-A IN_public_allow -p tcp -m tcp --dport 8080 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT



  <service name="ssh"/>

  <service name="dhcpv6-client"/>

  <port protocol="tcp" port="8080"/>
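A rule appended with iptables -A to a firewalld chain such as IN_public_allow exists only in the running ruleset; firewalld rebuilds its chains from the zone files on reload or restart. The script below is an added example, not part of the original notes: it compares the two views and prints the firewall-cmd calls that would make the runtime-only ports permanent. The sample rules and zone file are constructed from the lines above, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find TCP ports open only in the running ruleset.
# Constructed sample of `iptables -S` output, same rule form as above.
sample_rules() {
cat <<'EOF'
-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 8080 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 27017 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
EOF
}
# Constructed sample of /etc/firewalld/zones/public.xml.
sample_zone() {
cat <<'EOF'
<zone>
  <service name="ssh"/>
  <service name="dhcpv6-client"/>
  <port protocol="tcp" port="8080"/>
</zone>
EOF
}
# TCP ports accepted in the runtime IN_public_allow chain (stdin: iptables -S).
runtime_tcp_ports() {
  awk '$1 == "-A" && $2 == "IN_public_allow" && /-p tcp/ && /-j ACCEPT/ {
         for (i = 1; i < NF; i++) if ($i == "--dport") print $(i + 1)
       }' | sort -n -u
}
# TCP ports the zone file will restore (stdin: zone XML). Assumptions: attribute
# order as written by firewalld, single ports only, and ssh as the only
# TCP service resolved (22); other services would need their service XML.
permanent_tcp_ports() {
  sed -n -e 's/.*<port protocol="tcp" port="\([0-9][0-9]*\)".*/\1/p' \
         -e 's/.*<service name="ssh".*/22/p' | sort -n -u
}
# Ports present at runtime but absent from the zone file.
# $1 = iptables -S text, $2 = zone XML text.
runtime_only_ports() {
  perm=$(printf '%s\n' "$2" | permanent_tcp_ports)
  printf '%s\n' "$1" | runtime_tcp_ports | while read -r p; do
    printf '%s\n' "$perm" | grep -qx "$p" || printf '%s\n' "$p"
  done
}
# Print the firewall-cmd calls that would make each such port permanent.
for p in $(runtime_only_ports "$(sample_rules)" "$(sample_zone)"); do
  echo "firewall-cmd --permanent --zone=public --add-port=${p}/tcp"
done
echo "firewall-cmd --reload"
```

On a live host, pass "$(sudo iptables -S)" and "$(sudo cat /etc/firewalld/zones/public.xml)" instead of the samples.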
