On 1/10/23 20:13, Andrei Borzenkov wrote:
On 10.01.2023 23:38, Marc Chamberlin wrote:
On 1/9/23 14:26, Carlos E. R. wrote:
On 2023-01-09 23:23, Marc Chamberlin wrote:
Hi - I am running an OpenSuSE 15.4 x64 using Firewalld with iptables as the backend.
firewall-cmd -V 0.9.3
I also use Knockd and port knocks to open and close various ports on this system. (and yes I understand the drawbacks of using port knocking!) The trouble is, Firewalld is blocking the knocks and preventing the knockd.service daemon from hearing them.
Maybe just open the ports used for knocking?
Thanks Carlos for your reply, yeah I tried that already
You forgot to show your firewalld configuration that you tried.
😁, no joy... 😭
Hi Andrei, I am not sure which firewalld configuration file you want me to show, but I will take a stab at it and show /etc/firewalld/firewalld.conf (without comments) Let me know if you want to see the Zone file(s) or anything else. Marc....
# firewalld config file DefaultZone=public CleanupOnExit=yes Lockdown=no IPv6_rpfilter=yes IndividualCalls=no LogDenied=off FirewallBackend=iptables FlushAllOnReload=no RFC3964_IPv4=yes AllowZoneDrifting=no -- *"The Truth is out there" - Spooky* *_ _ . . . . . . _ _ . _ _ _ _ . . . . _ . . . . _ _ . _ _ _ . . . . _ _ . _ . . _ . _ _ _ _ . _ . _ . _ . _ . * Computers: the final frontier. These are the voyages of the user Marc. His mission: to explore strange new hardware. To seek out new software and new applications. To boldly go where no Marc has gone before! (/This email is digitally signed and the OpenPGP electronic signature is added as an attachment. If you know how, you can use my public key to prove this email indeed came from me and has not been modified in transit. My public key, which can be used for sending encrypted email to me also, can be found at - https://keys.openpgp.org/search?q=marc@marcchamberlin.com or just ask me for it and I will send it to you as an attachment. If you don't understand all this geek speak, no worries, just ignore this explanation and ignore the OpenPGP signature key attached to this email (it will look like gibberish if you open it) and/or ask me to explain it further if you like./)