How to block port 389 when ldap is allowed as a service

ddolecki108
Posts: 34
Joined: 2017/02/28 20:46:44

How to block port 389 when ldap is allowed as a service

Postby ddolecki108 » 2017/09/11 15:31:25

# firewall-cmd --zone=public --list-services
dhcpv6-client ldap ssh ldaps
# firewall-cmd --zone=public --list-ports
9830/tcp


So, I am testing secure LDAP and would like to block ldap (port 389). How do I do that without modifying the service?

Thanks in advance....

hunter86_bg
Posts: 759
Joined: 2015/02/17 15:14:33
Location: Bulgaria

Re: How to block port 389 when ldap is allowed as a service

Postby hunter86_bg » 2017/09/11 16:40:57

# firewall-cmd --info-service=ldap
ldap
ports: 389/tcp
protocols:
source-ports:
modules:
destination:

It seems that the service "ldap" contains only that port, so you can safely remove it from your configuration:

firewall-cmd --permanent --remove-service=ldap && firewall-cmd --reload


Note: You can temporarily remove it (skip the "--permanent" and the reload) for a short test.
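
A follow-up check for the removal described above, as an added example that is not part of the original thread: removing `ldap` only closes 389/tcp if no other service or explicit port entry in the zone also covers it. The function names, the `PORT-LIST` label and the sample service definitions are constructed for illustration; rich rules and direct rules are not examined.

```shell
#!/bin/sh
# Added example (not from the thread). Function names and the PORT-LIST label
# are illustrative; SAMPLE_INFO is constructed in --info-service layout.

# services_opening PORT/PROTO: read `firewall-cmd --info-service=NAME` blocks
# on stdin, print each service whose "ports:" line covers the port.
services_opening() {
    awk -v want="$1" '
    BEGIN { split(want, w, "/"); port = w[1] + 0; proto = w[2] }
    $1 == "ports:" {
        for (i = 2; i <= NF; i++) {
            split($i, p, "/")
            n = split(p[1], r, "-")      # single port or range lo-hi
            lo = r[1] + 0; hi = (n == 2 ? r[2] : r[1]) + 0
            if (p[2] == proto && port >= lo && port <= hi) { print name; break }
        }
        next
    }
    NF == 1 && $1 !~ /:$/ { name = $1 }  # block header is the service name
    '
}

# zone_exposure PORT/PROTO "SERVICES" "PORTS": SERVICES and PORTS are the
# --list-services and --list-ports output; stdin carries the info blocks.
# Prints what still opens the port; no output means nothing listed does.
zone_exposure() {
    { printf 'PORT-LIST\nports: %s\n' "$3"; cat; } | services_opening "$1" |
    while read -r s; do
        case " $2 PORT-LIST " in *" $s "*) echo "$s" ;; esac
    done
}

SAMPLE_INFO='ldap
  ports: 389/tcp
ldaps
  ports: 636/tcp
ssh
  ports: 22/tcp
dhcpv6-client
  ports: 546/udp'

# Zone from the question, before and after --remove-service=ldap.
printf '%s\n' "$SAMPLE_INFO" | zone_exposure 389/tcp "dhcpv6-client ldap ssh ldaps" "9830/tcp"
printf '%s\n' "$SAMPLE_INFO" | zone_exposure 389/tcp "dhcpv6-client ssh ldaps" "9830/tcp"
# Live input: for s in $(firewall-cmd --zone=public --list-services); do
#   firewall-cmd --info-service="$s"; done | zone_exposure 389/tcp ...
```

Run it against both the runtime and the `--permanent` configuration, since a temporary removal leaves the permanent one unchanged.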

ddolecki108
Posts: 34
Joined: 2017/02/28 20:46:44

Re: How to block port 389 when ldap is allowed as a service

Postby ddolecki108 » 2017/09/11 17:42:56

THANK YOU