Op maandag 26 augustus 2019 11:45:30 CEST schreef Mathias Homann:
Am Sonntag, 25. August 2019, 14:53:36 CEST schrieb Freek de Kruijf:
Let me write up something about what you want to do when it's not half past eleven at night... :)
Dear Martin,
s/Martin/Mathias/ :)
I am patiently awaiting your your write up.
I put it on my blog: https://www.tuxonline.tech/an-introduction-to-firewalld/
Cheers MH
I found a comprehensive article about firewalld on this web page: https://www.linuxjournal.com/content/understanding-firewalld-multi-zone-conf... It explains the flow of packages through the firewall, which was the last thing I did not understand about firewalld. I finally decided to have two zones, internal and external. The zone internal only has local source addresses, the addresses in my local network, 192.../24, fe80::/8 and <ipv6-prefix>/48, which I got from my provider. The zone external contains the only wired interface and is the default zone. The internal zone accepts all the configured services without logging, the external zone accepts a subset of these services, which are accepted by rich rules with sometimes limited logging and sometimes limited accept rate. -- fr.gr. member openSUSE Freek de Kruijf -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org