Notes firewalld firewall-cmd

Voir :

• https://www.redhat.com/sysadmin/secure-linux-network-firewall-cmd
• https://www.thegeekdiary.com/5-useful-examples-of-firewall-cmd-command/
• https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7
• https://www.it-connect.fr/centos-7-utilisation-et-configuration-de-firewalld/
• https://major.io/2021/10/11/forwarding-ports-with-firewalld/

Voir aussi:

• libvirt_firewalld_firewall-cmd_iptables

Voir la conf

firewall-cmd --list-all

Les règles sont enregistrées ici

• /usr/lib/firewalld/zones/
• /etc/firewalld/zones/

Autoriser un port

firewall-cmd --add-port=80/tcp
 
# Pour garder le changement après redémarrage
firewall-cmd --add-port=80/tcp --permanent

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/pdf/High_Availability_Add-On_Administration/Red_Hat_Enterprise_Linux-7-High_Availability_Add-On_Administration-en-US.pdf

firewall-cmd --permanent --add-service=high-availability
firewall-cmd --add-service=high-availability

PS : RedHat propose Podman à la place de Docker

firewall-cmd --permanent --zone=trusted --add-interface=docker0
 
for bridge in $(ip link |awk '/: br-/ { gsub(":", "") ; print $2 }')
do
  firewall-cmd --permanent --zone=trusted --add-interface=${bridge}
done
 
firewall-cmd --reload
 
systemctl restart docker

firewall-cmd --permanent --zone=trusted --add-interface=virbr0
firewall-cmd --reload
firewall-cmd --add-masquerade
firewall-cmd --add-forward-port=port=8888:proto=tcp:toport=8888:toaddr=192.168.122.101