firewalld and close a port.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37


Post by hack3rcon » 2019/01/01 08:30:16

Hello.
How can I close a port with "firewall-cmd"? Can "Disable" mean "close"? For example:

    # firewall-cmd --permanent --disable-port=445/tcp.

Does it mean close port 445?

Thank you.

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria

Re: firewalld and close a port.

Post by hunter86_bg » 2019/01/01 21:00:25

Firewalld only opens ports, as by default they are closed.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: firewalld and close a port.

Post by hack3rcon » 2019/01/02 10:13:39

hunter86_bg wrote:
2019/01/01 21:00:25
Firewalld only opens ports, as by default they are closed.

Thank you.
What does "disable" mean here? Can it be used to disable a rule or to disable a policy that is applied to a port?

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria

Re: firewalld and close a port.

Post by hunter86_bg » 2019/01/02 21:02:33

Everything is closed by default. Egress (outbound) connections are allowed by default and I'm not sure if firewalls supports egress restrictions.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: firewalld and close a port.

Post by hack3rcon » 2019/01/03 04:01:10

hunter86_bg wrote:
2019/01/02 21:02:33
Everything is closed by default. Egress (outbound) connections are allowed by default and I'm not sure if firewalls supports egress restrictions.

"Everything is closed by default." Do you mean inbound connections? Firewalls can't support blocking outbound connections?

jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: firewalld and close a port.

Post by jlehtone » 2019/01/03 12:20:33

firewalld gives rules to the kernel. You can peek at what it did with:

    iptables -S
    iptables -t nat -S
    iptables -t mangle -S

Yes, the default outbound rules are:

    -P OUTPUT ACCEPT
    -N OUTPUT_direct
    -A OUTPUT -j OUTPUT_direct

That is "ACCEPT".

You can filter outgoing traffic with firewalld direct rules.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: firewalld and close a port.

Post by hack3rcon » 2019/01/04 05:55:38

jlehtone wrote:
2019/01/03 12:20:33
firewalld gives rules to the kernel. You can peek at what it did with:

    iptables -S
    iptables -t nat -S
    iptables -t mangle -S

Yes, the default outbound rules are:

    -P OUTPUT ACCEPT
    -N OUTPUT_direct
    -A OUTPUT -j OUTPUT_direct

That is "ACCEPT".

You can filter outgoing traffic with firewalld direct rules.
Thank you.
Can you show me an example of allowing port 80 (Outbound)?
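
Added example, not part of the thread and not any poster's code: a dry-run script that closes an inbound port with firewall-cmd's `--remove-port` and builds an outbound allow-list from the direct rules mentioned above, which end up in the `OUTPUT_direct` chain. The function names, the DNS rules, the priorities 0/1/99 and the final DROP are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example. Dry run by default: commands are printed, not executed.
# Run as root with APPLY=1 to execute them. Ports/priorities are assumptions.

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Inbound: only ports added to a zone are reachable, so closing one means
# removing that entry (this acts on the default zone).
close_inbound_port() {            # usage: close_inbound_port 445/tcp
    run firewall-cmd --permanent --remove-port="$1"
}

# Outbound: direct rules for filter/OUTPUT are placed in OUTPUT_direct.
# Lower priority numbers are evaluated first, so the final DROP gets 99.
egress_rule() {                   # usage: egress_rule <priority> <iptables args>
    prio=$1; shift
    run firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT "$prio" "$@"
}

valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

allow_outbound_only() {           # usage: allow_outbound_only 80 443
    for p in "$@"; do             # validate everything before emitting a rule
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    egress_rule 0 -o lo -j ACCEPT
    egress_rule 0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    egress_rule 1 -p udp --dport 53 -j ACCEPT    # DNS (assumed to be needed)
    egress_rule 1 -p tcp --dport 53 -j ACCEPT
    for p in "$@"; do
        egress_rule 1 -p tcp --dport "$p" -j ACCEPT
    done
    egress_rule 99 -j DROP        # all other IPv4 egress; IPv6 is not covered
    run firewall-cmd --reload
}
```

After applying, `iptables -S OUTPUT_direct` shows the resulting rules in evaluation order.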
