I use firewall-cmd; my default zone is block. But all applications (like Firefox) have access to the internet. Firewalld is active. Why?
There is no rule in firewall-cmd to allow this.
I want to block all traffic (in and out) for a specific interface like enp0s3 and allow outgoing only for tun0. How can I do this?
Block all traffic in firewalld
Re: Block all traffic in firewalld
firewall-cmd --panic-on
Re: Block all traffic in firewalld
That blocks all traffic. I want to block all traffic only for a specific device like enp0s3.
I cannot find a method to show or add block rules for outgoing traffic in firewall-cmd.
Re: Block all traffic in firewalld
I guess you could set up a rich rule to drop traffic at layer 3 (i.e. IP level), NOT layer 2 (i.e. interface). Store that in a new zone and then switch zones when needed.
Re: Block all traffic in firewalld
If you don't want any traffic on an interface, then the trivial solution is to take that interface down. No interface => no traffic.
However, you do mention another interface named "tun0". Those are usually created in software, like VPN, and their functionality does require a physical interface too. In other words, blocking the underlying physical interface is likely to affect the logical interfaces too.
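The two replies above (a rich rule kept in a separate zone, and the warning that tun0 cannot exist unless something is allowed out through the physical NIC) can be combined with firewalld's policy objects, which are the supported way to filter outbound traffic: zones only decide what may come in on an interface, so a default zone of block never stops Firefox from going out. The script below is an added example and is not from anyone in this thread. It assumes firewalld 0.9.0 or newer (check with `firewall-cmd --version`), that the NIC is enp0s3 and the tunnel is tun0, and it uses placeholder zone and policy names (vpn, lan-egress, vpn-egress) and a placeholder VPN server 203.0.113.10 on 1194/udp. With the default DRY_RUN=1 it only prints the firewall-cmd commands; run it as root with DRY_RUN=0 to apply them.

```shell
#!/bin/sh
# Added example, not from the thread above. Per-interface egress control with
# firewalld policy objects (firewalld >= 0.9.0; check: firewall-cmd --version).
# Interface names, zone/policy names and the VPN endpoint 203.0.113.10:1194/udp
# are placeholders. DRY_RUN=1 (default) prints the firewall-cmd calls instead of
# running them; run with DRY_RUN=0 as root to apply.
: "${DRY_RUN:=1}"

# Wrapper: print or execute one firewall-cmd invocation.
fw() {
    if [ "$DRY_RUN" = 1 ]; then
        printf 'firewall-cmd %s\n' "$*"
    else
        firewall-cmd "$@"
    fi
}

# configure_egress LAN_IF VPN_IF VPN_SERVER_IP VPN_PORT [VPN_PROTO]
configure_egress() {
    lan_if=$1; vpn_if=$2; vpn_ip=$3; vpn_port=$4; vpn_proto=${5:-udp}

    # Zones only decide what may come IN on an interface. 'block' already
    # rejects unsolicited inbound on the physical NIC; give the tunnel its own
    # zone so egress policies can tell the two interfaces apart.
    fw --permanent --zone=block --change-interface="$lan_if"
    fw --permanent --new-zone=vpn
    fw --permanent --zone=vpn --set-target=DROP
    fw --permanent --zone=vpn --change-interface="$vpn_if"

    # Outbound traffic is not filtered by zones at all, which is why Firefox
    # still reaches the internet with a 'block' default zone. A policy from
    # the special HOST zone (packets generated on this machine) to an egress
    # zone is what filters it.
    #
    # HOST -> block: drop everything leaving through the physical NIC except
    # the VPN session itself, which must cross it for tun0 to come up.
    fw --permanent --new-policy=lan-egress
    fw --permanent --policy=lan-egress --add-ingress-zone=HOST
    fw --permanent --policy=lan-egress --add-egress-zone=block
    fw --permanent --policy=lan-egress --set-target=DROP
    fw --permanent --policy=lan-egress --add-rich-rule="rule family=\"ipv4\" destination address=\"$vpn_ip/32\" port port=\"$vpn_port\" protocol=\"$vpn_proto\" accept"

    # HOST -> vpn: let everything out through the tunnel.
    fw --permanent --new-policy=vpn-egress
    fw --permanent --policy=vpn-egress --add-ingress-zone=HOST
    fw --permanent --policy=vpn-egress --add-egress-zone=vpn
    fw --permanent --policy=vpn-egress --set-target=ACCEPT

    # Permanent config only takes effect after a reload.
    fw --reload
}

# Runtime view of the result: both policies and the interface-to-zone bindings.
show_egress() {
    fw --info-policy=lan-egress
    fw --info-policy=vpn-egress
    fw --get-active-zones
}

configure_egress enp0s3 tun0 203.0.113.10 1194 udp
show_egress
```

The rich rule in lan-egress is IPv4 only; any IPv6 traffic leaving enp0s3 falls through to the DROP target, which is the safe direction. After applying, confirm the split with `curl --interface enp0s3 https://example.com` (expected to fail) and `curl --interface tun0 https://example.com` (expected to work), and remember that every interface not explicitly bound to a zone lands in the default zone block and therefore also gets the lan-egress policy.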
Re: Block all traffic in firewalld
Another option I have read about is to use SELinux to tag the traffic from specific SELinux domains and filter that with IPTABLES.