firewalld_zone_service
Table of Contents
FirewallD
Create new zone
- Create new zone and add sources and services:
firewall-cmd --permanent --new-zone=monitoring firewall-cmd --permanent --zone monitoring --add-source=<monitoring source address> firewall-cmd --permanent --zone monitoring --add-service=<your services> firewall-cmd --reload
Create new service
- Get zones:
firewall-cmd --get-zones
- Set default zone:
firewall-cmd --set-default-zone=internal
- Verify:
firewall-cmd --get-zone-of-interface=eth0
- Stop firewalld:
systemctl stop firewalld.service
- Create service file:vi /etc/firewalld/services/splunk.xml
<?xml version="1.0" encoding="utf-8"?> <service version="1.0"> <short>splunk</short> <port port="8000" protocol="tcp"/> </service>
- Start firewalld:
systemctl start firewalld.service
- Add service to zone:
firewall-cmd --permanent --zone=internal --add-service=splunk
- Restart firewalld:
systemctl restart firewalld
firewalld_zone_service.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1