Hello,
I would like some help with the Firewall GUI.
I've been looking through the security docs for RH and online but before making changes and breaking something I would like advice.
I have a testing HOST machine.
I see there are several zone options built-in for the firewall GUI.
From the physical HOST machine I want to limit it to only needed services/ports.
Basically I need access to internet, and I need my host to be able to get security updates.
If I choose the public zone , as that is the current default can someone tell me if it as easy as just un-checking every tick box except http and everything will work fine?
I also am using KVM with 4 VM's for testing so I want to be sure I do not break these as well.
I want to run the KVM's as securely as possible so I do not know if I should use the virtaul bridge/nic from each VM through the host to get to internet, or I saw option to do masquerading? I think I can use one of the VM for masquerading or proxy to get to internet with all the vm's can't I?
Thank You,
Lowry
Help with firewall settings to only allow http or bare necc.
- Super Jamie
- Posts: 310
- Joined: 2014/01/10 23:44:51
Re: Help with firewall settings to only allow http or bare n
FirewallD is only for restricting incoming traffic into zones.
You can either write an iptables rule and insert it with firewall-cmd --direct, or turn firewalld off and go completely back to iptables.
You can either write an iptables rule and insert it with firewall-cmd --direct, or turn firewalld off and go completely back to iptables.