Ben's notes

Linux, Unix, network, radio...

User Tools

Site Tools



Create new zone

  • Create new zone and add sources and services:
    firewall-cmd --permanent --new-zone=monitoring
    firewall-cmd --permanent --zone monitoring --add-source=<monitoring source address>
    firewall-cmd --permanent --zone monitoring --add-service=<your services>
    firewall-cmd --reload

Create new service

  • Get zones:
    firewall-cmd --get-zones
  • Set default zone:
    firewall-cmd --set-default-zone=internal
  • Verify:
    firewall-cmd --get-zone-of-interface=eth0
  • Stop firewalld:
    systemctl stop firewalld.service
  • Create service file:vi /etc/firewalld/services/splunk.xml
    <?xml version="1.0" encoding="utf-8"?>
    <service version="1.0">
      <port port="8000" protocol="tcp"/>
  • Start firewalld:
    systemctl start firewalld.service
  • Add service to zone:
    firewall-cmd --permanent --zone=internal --add-service=splunk
  • Restart firewalld:
    systemctl restart firewalld
firewalld_zone_service.txt · Last modified: 2021/10/09 15:14 by