firewalld_zone_service
FirewallD
Create new zone
Create new zone and add sources and services:
firewall-cmd --permanent --new-zone=monitoring
firewall-cmd --permanent --zone monitoring --add-source=<monitoring source address>
firewall-cmd --permanent --zone monitoring --add-service=<your services>
firewall-cmd --reload
Create new service
Get zones:
firewall-cmd --get-zones
Set default zone:
firewall-cmd --set-default-zone=internal
Verify:
firewall-cmd --get-zone-of-interface=eth0
Stop firewalld:
systemctl stop firewalld.service
Create service file:
vi /etc/firewalld/services/splunk.xml
<?xml version="1.0" encoding="utf-8"?>
<service version="1.0">
<short>splunk</short>
<port port="8000" protocol="tcp"/>
</service>
Start firewalld:
systemctl start firewalld.service
Add service to zone:
firewall-cmd --permanent --zone=internal --add-service=splunk
Restart firewalld:
systemctl restart firewalld
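Added example (not part of the original page): a shell function that validates the service name, port and protocol and writes the service file atomically, so the definition can be picked up with firewall-cmd --reload without stopping firewalld while the file is edited. The function name write_service_xml and the FIREWALLD_SERVICES_DIR override are assumptions made for this example; the splunk/8000/tcp values are the page's.

```shell
#!/bin/sh
# write_service_xml NAME PORT PROTO
# Writes NAME.xml into the firewalld services directory.
# FIREWALLD_SERVICES_DIR is a hypothetical override used for testing.
write_service_xml() {
    svc_name=$1
    svc_port=$2
    svc_proto=$3
    svc_dir=${FIREWALLD_SERVICES_DIR:-/etc/firewalld/services}

    # The name becomes a file name: refuse anything that could leave the directory.
    case $svc_name in
        ''|*[!A-Za-z0-9_-]*) echo "invalid service name: $svc_name" >&2; return 1 ;;
    esac
    # Port must be decimal digits, no leading zero, in 1..65535.
    case $svc_port in
        ''|0*|*[!0-9]*) echo "invalid port: $svc_port" >&2; return 1 ;;
    esac
    if ! { [ "${#svc_port}" -le 5 ] && [ "$svc_port" -le 65535 ]; }; then
        echo "port out of range: $svc_port" >&2
        return 1
    fi
    case $svc_proto in
        tcp|udp) ;;
        *) echo "invalid protocol: $svc_proto" >&2; return 1 ;;
    esac

    # Write to a temp file in the same directory, then rename it, so a reload
    # never reads a half-written definition.
    svc_tmp=$(mktemp "$svc_dir/.$svc_name.XXXXXX") || return 1
    cat > "$svc_tmp" <<EOF
<?xml version="1.0" encoding="utf-8"?>
<service version="1.0">
  <short>$svc_name</short>
  <port port="$svc_port" protocol="$svc_proto"/>
</service>
EOF
    chmod 0644 "$svc_tmp" && mv -f "$svc_tmp" "$svc_dir/$svc_name.xml" \
        || { rm -f "$svc_tmp"; return 1; }
}

# Usage as root on a host with firewalld running:
#   write_service_xml splunk 8000 tcp
#   firewall-cmd --reload
#   firewall-cmd --permanent --zone=internal --add-service=splunk
#   firewall-cmd --reload
#   firewall-cmd --zone=internal --list-services
```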
firewalld_zone_service.txt · Last modified: 2021/10/09 15:14 (external edit)