Friday, September 1, 2017

Quick conversion of iptables to FirewallD

I had a need to work with a CentOS 7 VM that was still using sysconfig/iptables rules, but some other stuff I needed working on it wasn't connecting right. Poking around online + past experience, here's a snippet for anyone who is looking at a similar problem. This particular configuration (I scrubbed out other details) opens TCP 22, 443, and 8443; and forwards 8443 to 443 (I probably didn't need that extra 443 opening).

# Install firewalld and make sure it comes back after a reboot
yum install firewalld
systemctl enable firewalld && systemctl start firewalld
# Open the three TCP ports in the public zone. The {22,443,8443} brace
# expansion is a bash feature; in plain sh spell out one --add-port per port.
firewall-cmd --zone=public --add-port={22,443,8443}/tcp --permanent
# Masquerading is only required when a forward-port targets another host
# (toaddr=...); for a same-host redirect like the one below it can be left out.
firewall-cmd --zone=public --add-masquerade --permanent
# Redirect inbound 443/tcp to the local service listening on 8443/tcp
firewall-cmd --zone=public --add-forward-port=port=443:proto=tcp:toport=8443 --permanent
# Stop and disable the legacy services so they cannot reload the old
# sysconfig/iptables rules on boot and fight with firewalld
systemctl stop iptables && systemctl stop ip6tables
systemctl disable iptables && systemctl disable ip6tables
# --permanent changes only take effect after a reload
firewall-cmd --reload
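The snippet above hand-translates three accept rules. For a longer sysconfig/iptables file it helps to generate the firewall-cmd lines mechanically and then verify the result after the reload. The following script is an added example and not part of the original post: the sample rules are constructed to look like a typical /etc/sysconfig/iptables, and the function names iptables_to_firewalld and ports_all_present are hypothetical. It only handles plain "-A INPUT -p <proto> --dport <port> -j ACCEPT" rules; anything else (state matches, REJECT lines, table headers) is reported on stderr so it gets reviewed rather than silently dropped.

```shell
#!/bin/sh
# Constructed sample in /etc/sysconfig/iptables format (not from a real host)
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# iptables_to_firewalld ZONE RULES
# Emit one "firewall-cmd --add-port ... --permanent" line per simple
# single-port ACCEPT rule in RULES. Rules that accept without a port
# (e.g. the ESTABLISHED,RELATED rule) are listed on stderr as SKIP so a
# human decides what they mean in firewalld terms.
iptables_to_firewalld() {
  zone="$1"
  printf '%s\n' "$2" | while IFS= read -r line; do
    case "$line" in
      "-A INPUT "*"-j ACCEPT")
        proto=$(printf '%s\n' "$line" | sed -n 's/.*-p \([a-z]*\).*/\1/p')
        port=$(printf '%s\n' "$line" | sed -n 's/.*--dport \([0-9]*\).*/\1/p')
        if [ -n "$proto" ] && [ -n "$port" ]; then
          printf 'firewall-cmd --zone=%s --add-port=%s/%s --permanent\n' \
            "$zone" "$port" "$proto"
        else
          printf 'SKIP: %s\n' "$line" >&2
        fi
        ;;
      *) ;;  # headers, COMMIT, and REJECT/DROP lines are intentionally ignored
    esac
  done
}

# ports_all_present LISTED PORT...
# LISTED is the space-separated output of
#   firewall-cmd --zone=<zone> --list-ports
# Returns 0 only if every PORT (e.g. 22/tcp) appears in LISTED, so it can
# be run right after "firewall-cmd --reload" as a sanity check.
ports_all_present() {
  listed="$1"
  shift
  for want in "$@"; do
    case " $listed " in
      *" $want "*) ;;
      *) printf 'missing: %s\n' "$want" >&2; return 1 ;;
    esac
  done
  return 0
}

# Stand-alone usage: print the generated commands for the sample rules.
# On a real host you would replace SAMPLE_RULES with $(cat /etc/sysconfig/iptables)
# and then run: ports_all_present "$(firewall-cmd --zone=public --list-ports)" 22/tcp 443/tcp 8443/tcp
iptables_to_firewalld public "$SAMPLE_RULES"
```

Review the generated lines before running them: the translator deliberately does not try to express stateful or reject rules, since firewalld's zone model already supplies the default deny and connection tracking that those lines provided under raw iptables.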

