Questions tagged [firewalld]

Questions regarding firewalld, a firewall service daemon.

Firewalld is a service daemon with a D-Bus interface.

Firewalld provides a dynamically managed firewall with support for network/firewall zones that define the trust level of network connections or interfaces.

Site: http://www.firewalld.org/

140 questions
37 votes, 3 answers

AllowZoneDrifting - Firewalld: What is it and should I disable it?

I am new here, so please forgive me if I am asking something silly. I have created a DO droplet on CentOS 8. After installing firewalld, I checked its status and it gives a warning. Apr 24 05:56:31 centos-s-1vcpu-1gb-blr1-01 firewalld[2956]:…
Manohar Bhatia
29 votes, 3 answers

How to make Docker container see real user IP?

The problem Inside nginx-proxy Docker container (more info below), I always see the same IP address for every connection: 172.18.0.1 (which is the nginx-proxy network gateway). For example: nginx.1 | www.my-site.tld 172.18.0.1 - -…
10 votes, 2 answers

firewall-cmd remove rich rule fails

I'm trying to remove some rich rules from firewall-cmd and it seems to work: firewall-cmd --remove-rich-rule 'rule family="ipv4" source address="10.4.220.143/32" port protocol="tcp" port="13782" accept' success But after I reload the rules and…
bluethundr
9 votes, 1 answer

How to configure firewalld with docker 20.10

I realized that recently docker added integration with firewalld and I just want to set up my server using firewalld instead of iptables boring rules and chains. This is my docker zone output: root@test:~# sudo firewall-cmd --zone=docker --list-all…
Masoud Tavakkoli
8 votes, 2 answers

How to correct configuration for firewalld and docker/nginx?

I have a CentOS 7 server which was running happily for 600+ days until it was rebooted recently, after which incoming web requests were receiving HTTP523 (Origin Is Unreachable) error codes (via Cloudflare, if that makes a difference?) unless I…
DrMeers
8 votes, 1 answer

How to setup FirewallD to filter traffic to docker exposed port

I have set up a pi-hole docker container and exposed the dns ports and port 80 on CentOS7. However the ports are available for all sources now which is not very handy since it's running on a VPS. So I am trying to have firewallD filter the traffic…
Warsenius
6 votes, 6 answers

How to reload Firewalld service using Ansible?

I added some rules to firewalld in CentOS 7 with Ansible. But I must reload the firewalld daemon so the service works properly. Is there any idea? Here is my ansible code: - name: Add port to firewalld firewalld: port: "{{ item }}" permanent: yes …
Ali
6 votes, 1 answer

telnet timeout while port is open

I bought a VPS and built a shadowsocks server on it. It runs well for like 2 months and suddenly failed to work, i.e. I cannot use it to overcome the GFW. So I check the server, reinstall everything, check the firewall, but still couldn't solve the…
Ch3_ong
6 votes, 2 answers

Ansible: firewalld and adding new zone

I'm trying to add the following to an Ansible playbook: firewall-cmd --permanent --new-zone dockerc firewall-cmd --permanent --zone dockerc --add-source 172.17.0.0/16 firewall-cmd --permanent --zone dockerc --add-port 8443/tcp firewall-cmd…
Magick
5 votes, 2 answers

firewalld change default target

From firewalld man page: --permanent [--zone=zone] --set-target=target Set the target of a permanent zone. target is one of: default, ACCEPT, DROP, REJECT The default target is REJECT. Is it possible to change the default target to DROP? If not,…
oO.o
5 votes, 2 answers

docker makes port of container open to public

I have on centos7 a docker container with nginx. Port 80 is available from outside despite the fact that this port is NOT opened in firewalld. Here are the rules for the public zone: # firewall-cmd --zone=public --list-all public (active) target: default …
Trav Erse
4 votes, 2 answers

centos 8, firewalld error `COMMAND_FAILED: 'python-nftables' failed`

when I try to reload firewalld, it tells me Error: COMMAND_FAILED: 'python-nftables' failed: internal:0:0-0: Error: Could not process rule: Numerical result out of range JSON blob: {"nftables": [{"metainfo": {"json_schema_version": 1}}, {"add":…
xcsoft
4 votes, 1 answer

nftables rules for docker

System : RHEL 8.4 Docker Version : 20.10 RHEL 8 has moved from iptables to nftables and Docker inbuild uses iptables to set firewall rules on the machine. It seems to have broken the communication from docker containers to host services, and also to…
Keyur Barapatre
4 votes, 1 answer

centos firewall-cmd port forward to a range of dest port does not work

I'm trying to setup a firewalld rule to forward 80/tcp to 8080-8081, the rule was setup correctly, but seems only partially working. The problem is that the traffic is always forwarded to 8080 not 8081, is anything wrong ? Below is my env: create…
Feng Xi
4 votes, 2 answers

Firewalld Configuration on Centos 7.2

I have installed MongoDB on my CentOS 7.2 VPS and trying to access to the DB via Robomongo from my client. However, when I try to connect the server from the 27017 port, I get "Network is unreachable" error. I have enabled the firewalld on the…
Phyticist