Search found 140 matches
- 2018/07/02 11:37:18
- Forum: CentOS 7 - Networking Support
- Topic: FirewallCMD + Rich rule + Masquerade
- Replies: 2
- Views: 854
Re: FirewallCMD + Rich rule + Masquerade
I'm starting to realize this is more tricky than I've expected. I have 2 NICs in my Inner Firewall, thus I have 2 firewall zones applied external (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: ssh http https ports: protocols: masquerade: no forward-ports: sourc...
- 2018/07/02 09:40:28
- Forum: CentOS 7 - Networking Support
- Topic: FirewallCMD + Rich rule + Masquerade
- Replies: 2
- Views: 854
Re: FirewallCMD + Rich rule + Masquerade
I love this forum. Whenever I post a question, I usually find the answer in a few minutes. https://www.rootusers.com/how-to-use-firewalld-rich-rules-and-zones-for-filtering-and-nat/ I'm gonna try this right now and see if it works but instead of source, I'll designate a destination In this example a...
- 2018/07/02 09:34:46
- Forum: CentOS 7 - Networking Support
- Topic: FirewallCMD + Rich rule + Masquerade
- Replies: 2
- Views: 854
FirewallCMD + Rich rule + Masquerade
Hey Forum, I hope you can help me cause this is starting to be mindblowing for me. I have something like this as an IT architecture: Inner Server ---> Inner Firewall ---> Inner Loadbalancer ---> INTERNET ---> Farside LoadBalancer ---> Farside Firewall ---> Farside Server Now between the Inner server...
- 2018/01/23 12:50:21
- Forum: CentOS 7 - General Support
- Topic: bash script questions.
- Replies: 8
- Views: 2859
Re: bash script questions.
What kind of install do you want to run these scripts after? Minimal probably doesn't have the required packages installed that are needed. What I would do is as the 1st line, I would just install the dev-tools. Then I guess your other commands would run safe and sound too. Add before your scl line:...
- 2018/01/12 15:08:24
- Forum: CentOS 7 - Security Support
- Topic: FirewallD and network traffic filter
- Replies: 4
- Views: 2429
Re: FirewallD and network traffic filter
Cool! I've tested it with my own VMs and it was working like a charm. ;) What I had to do is simply: (If not MAC address, then drop) firewall-cmd --zone=public --add-rich-rule='rule source NOT mac="00:50:bf:5a:67:3d" drop' (If not IP address, then drop) firewall-cmd --zone=public --add-rich-rule='ru...
- 2017/12/14 15:04:28
- Forum: CentOS 7 - Security Support
- Topic: FirewallD and network traffic filter
- Replies: 4
- Views: 2429
Re: FirewallD and network traffic filter
I was affraid of these rich languages.....
- 2017/12/12 09:31:21
- Forum: CentOS 7 - Security Support
- Topic: FirewallD and network traffic filter
- Replies: 4
- Views: 2429
FirewallD and network traffic filter
Hey Forum!
How would you filter traffic on a CentOS 7 server to allow network traffic on certain NIC-s from specific MAC addresses only? I wish to use minimal 3rd party tools, so only built-in solutions would be preferred. FirewallD can do this like iptables? If not, then maybe Fail2Ban?
Bert
How would you filter traffic on a CentOS 7 server to allow network traffic on certain NIC-s from specific MAC addresses only? I wish to use minimal 3rd party tools, so only built-in solutions would be preferred. FirewallD can do this like iptables? If not, then maybe Fail2Ban?
Bert
- 2017/12/11 15:01:49
- Forum: CentOS 7 - Software Support
- Topic: Possible PHP 7.1 bug or crash on Centos 7??
- Replies: 26
- Views: 11835
Re: Possible PHP 7.1 bug or crash on Centos 7??
If I may share my workflow. I'm maintaining a few webservers where we are running laravel applications and OFC we need PHP as well. I'm using the REMI repository and it's 7.1 variant. Here is my command to initialize for installing PHP 7.1 on a webserver: yum install php php-soap php-fpm php-devel p...
- 2017/12/11 13:53:10
- Forum: CentOS 7 - Security Support
- Topic: Sendmail and SELinux are not friends?
- Replies: 11
- Views: 6976
Re: Sendmail and SELinux are not friends?
Yes, they have NginX, PHP-FPM, MySQL, NodeJS running and that is all. Other than that nothing else.
- 2017/12/11 10:30:34
- Forum: CentOS 7 - Security Support
- Topic: Sendmail and SELinux are not friends?
- Replies: 11
- Views: 6976
Re: Sendmail and SELinux are not friends?
Thanks Trevor, It is going to be a headache but I'll have to find a solution for this later in the future, but not in 2017 anymore. The owner of the webapp doesn't own an SMTP server and wishes to keep using sendmail and honestly. I can't blame him. Normally it works like a charm, the domain records...