{"id":6145,"date":"2016-08-06T17:27:45","date_gmt":"2016-08-06T09:27:45","guid":{"rendered":"http:\/\/rmohan.com\/?p=6145"},"modified":"2016-08-06T17:27:45","modified_gmt":"2016-08-06T09:27:45","slug":"centos-7-rhel-firewalld-settings","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=6145","title":{"rendered":"CentOS 7 \/ RHEL firewalld settings"},"content":{"rendered":"<p><strong>CentOS 7 \/ RHEL firewalld settings<\/strong><\/p>\n<p>CentOS 7 has adopted firelwalld by default over the previous iptables, which will require some new steps to configure your firewall:<\/p>\n<p># new CentOS\/RHEL 7 Firewall:<br \/>\n\t(see https:\/\/access.redhat.com\/documentation\/en-US\/Red_Hat_Enterprise_Linux\/7\/html\/Security_Guide\/sec-Using_Firewalls.html )<\/p>\n<p># create a new service e.g. for webmin:<\/p>\n<p>$ cat \/etc\/firewalld\/services\/webmin.xml<br \/>\n<?xml version=\"1.0\" encoding=\"utf-8\"?><br \/>\n<service><br \/>\n  <short>Webmin<\/short><br \/>\n  <description>Server admin service. Restrict access and do not leave running.<\/description>\n  <port protocol=\"tcp\" port=\"10000\"\/>\n<\/service><\/p>\n<p># add service to zone:<\/p>\n<p>nano \/etc\/firewalld\/zones\/public.xml<br \/>\n# OR<br \/>\n$ firewall-cmd &#8211;permanent &#8211;zone=public &#8211;add-service=webmin<\/p>\n<p># reload to add:<\/p>\n<p>$ firewall-cmd &#8211;reload<\/p>\n<p># check:<br \/>\n$ firewall-cmd &#8211;zone=public &#8211;list-all<\/p>\n<p>## apache \/ httpd:<br \/>\n$ firewall-cmd &#8211;permanent &#8211;add-service=http<br \/>\n$ firewall-cmd &#8211;permanent &#8211;add-service=https<br \/>\n$ systemctl restart firewalld<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CentOS 7 \/ RHEL firewalld settings<\/p>\n<p>CentOS 7 has adopted firelwalld by default over the previous iptables, which will require some new steps to configure your firewall:<\/p>\n<p># new CentOS\/RHEL 7 Firewall: (see https:\/\/access.redhat.com\/documentation\/en-US\/Red_Hat_Enterprise_Linux\/7\/html\/Security_Guide\/sec-Using_Firewalls.html )<\/p>\n<p># create a new service e.g. for webmin:<\/p>\n<p>$ cat \/etc\/firewalld\/services\/webmin.xml Webmin Server admin service. Restrict access and do not [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/6145"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6145"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/6145\/revisions"}],"predecessor-version":[{"id":6146,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/6145\/revisions\/6146"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6145"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6145"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}