On 24/08/2019 23.17, Freek de Kruijf wrote:
On Tuesday 25 June 2019 17:00:05 CEST, Patrick Shanahan wrote:
* Patrick Shanahan <> [06-25-19 10:57]:
* Freek de Kruijf <> [06-25-19 10:16]:
Now that the date is near when SuSEfirewall2 will be removed, I finally looked into what firewalld is offering.
It took some time to get more familiar with firewalld. I have some specific requirements. The firewall log should be available for parsing so that unwanted access can be reported to dshield.org.
Still I do not understand all the particulars of the elements in firewalld. Even the concept of a zone is still unclear to me. A simple concept is that an interface is connected to / belongs to a zone. So in my case the eth0 interface, which is connected to the local network (but the system is also a server connected to the internet via a router with a NAT firewall), should be in the zone external, the default zone.
However I would like to make exceptions for the systems in my local network. The question is how to do that. There is a zone trusted or something similar. Should I enter the source addresses of the systems in that local network in such a zone?
Furthermore I want services like ssh, smtp, smtps, imaps, etc. to be accessible from all over the world, but not imap, which should be accessible only from the local network. I also want ACCEPT messages for these services in the firewall log, but, for ssh, I want to limit access to 3 per minute and also limit the logging.
Any ideas how to configure firewalld with rich rules?
No. I also have similar questions. I know that I can open ports as I wish, but they become open for all. You can log what happens on the firewall, but I see fewer options. I guess you choose to attach an interface to a zone, and that defines what ports or services are open or closed by default.

-- 
Cheers / Saludos,
Carlos E. R.
(from 15.0 x86_64 at Telcontar)
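The requirements in the quoted post (world-reachable ssh/smtp/smtps/imaps, imap only from the LAN, logged accepts, ssh limited to 3 per minute with limited logging, and a log that can be parsed for dshield) map onto firewalld rich rules fairly directly. The script below is an added example written for this reply; it is not code from either poster. It assumes eth0, a LAN of 192.168.1.0/24, IPv4 only, and the poster's choice of the external zone; it builds the rich-rule strings in functions and prints the firewall-cmd invocations for review instead of running them.

```shell
#!/bin/sh
# Added example for the firewalld questions above (not from the original thread).
# Assumptions: interface eth0, LAN 192.168.1.0/24, IPv4 only, zone "external".
LAN_NET="192.168.1.0/24"   # assumed local network; change to match yours
WAN_ZONE="external"        # zone the poster chose for eth0

# Rich rule: accept a service only from the local network (the imap case).
# Keeping this in the same zone as the interface avoids a second zone; a
# source address in a rich rule is matched before the zone's default target.
lan_only_rule() {
    printf 'rule family="ipv4" source address="%s" service name="%s" accept' "$LAN_NET" "$1"
}

# Rich rule: accept from anywhere and log every accepted new connection.
# The prefix ends up in the kernel log (journal/syslog) for later parsing.
world_logged_rule() {
    printf 'rule family="ipv4" service name="%s" log prefix="%s " level="info" accept' "$1" "$1"
}

# Rich rule: accept from anywhere, but at most RATE per minute, and log at the
# same limited rate. "limit" is one token bucket for the whole rule, i.e. a
# global limit across all clients, not a per-source limit.
world_limited_rule() {
    svc=$1
    rate=$2
    printf 'rule family="ipv4" service name="%s" log prefix="%s " level="info" limit value="%s/m" accept limit value="%s/m"' \
        "$svc" "$svc" "$rate" "$rate"
}

# Emit the firewall-cmd invocations as text so they can be reviewed first.
# --set-log-denied=all makes firewalld log dropped/rejected packets too, which
# is the part a dshield reporter needs.
plan() {
    printf 'firewall-cmd --permanent --set-log-denied=all\n'
    printf 'firewall-cmd --permanent --zone=%s --change-interface=eth0\n' "$WAN_ZONE"
    for s in smtp smtps imaps; do
        printf "firewall-cmd --permanent --zone=%s --add-rich-rule='%s'\n" "$WAN_ZONE" "$(world_logged_rule "$s")"
    done
    printf "firewall-cmd --permanent --zone=%s --add-rich-rule='%s'\n" "$WAN_ZONE" "$(world_limited_rule ssh 3)"
    printf "firewall-cmd --permanent --zone=%s --add-rich-rule='%s'\n" "$WAN_ZONE" "$(lan_only_rule imap)"
    printf 'firewall-cmd --reload\n'
}

# Print the plan; pipe it into "sudo sh" only after reading it.
plan
```

Two caveats worth knowing before applying this: the external zone has masquerade enabled by default, which is meant for a router, so a plain server behind a NAT router may prefer the public zone with the same rules. And if you instead put the LAN addresses into a separate zone with --add-source (the "trusted or something similar" idea in the post), all traffic from those addresses is handled by that zone only, so every service the LAN should reach (ssh, smtp, ...) has to be added there as well, not just imap.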