Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

firewall zones configuration for the network interfaces #107

Open
potula-chandra opened this issue Jan 3, 2016 · 2 comments
Open

firewall zones configuration for the network interfaces #107

potula-chandra opened this issue Jan 3, 2016 · 2 comments
Assignees
@danielhb
Labels
backend enhancement
Milestone
Backlog

Comments

@potula-chandra
Copy link
Member

Listing the firewall zones and give end user option of configuring the firewall zone to the network interface would be good to have feature.

Zone management:

Also, a new concept of zone appears : all network interfaces can be located in the same default zone or divided into different ones according to the levels of trust defined.

To get the default zone, type:

firewall-cmd --get-default-zone

public

To get the list of zones where you’ve got network interfaces assigned to, type:

firewall-cmd --get-active-zones

public
interfaces: eth0

To get the list of all the available zones, type:

firewall-cmd --get-zones

block dmz drop external home internal public trusted work

To get all the details about the public zone, type:

firewall-cmd --zone=public --list-all

public (default, active)
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
@danielhb
Copy link
Contributor

danielhb commented Jan 3, 2016

At first glance firewall-cmd isnt't available for Ubuntu, so this feature
would be fedora/rhel only

Make sure to implement the is_feature_available API properly. Actually we
should've done that with the cfginterfaces model already ...
Em 03/01/2016 8:42 AM, "Chandra Shekhar Reddy" notifications@github.com
escreveu:

Listing the firewall zones and give end user option of configuring the
firewall zone to the network interface would be good to have feature

Zone management:

Also, a new concept of zone appears : all network interfaces can be
located in the same default zone or divided into different ones according
to the levels of trust defined

To get the default zone, type:
firewall-cmd --get-default-zone

public

To get the list of zones where you’ve got network interfaces assigned to,
type:
firewall-cmd --get-active-zones

public
interfaces: eth0

To get the list of all the available zones, type:
firewall-cmd --get-zones

block dmz drop external home internal public trusted work

To get all the details about the public zone, type:
firewall-cmd --zone=public --list-all

public (default, active)
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:


Reply to this email directly or view it on GitHub
#107.

@danielhb danielhb mentioned this issue Jul 7, 2016
Closed
@danielhb danielhb added this to the Backlog milestone Jul 7, 2016
@danielhb danielhb self-assigned this Jul 7, 2016
@danielhb
Copy link
Contributor

danielhb commented Jul 7, 2016

I'll have a crack at this when I have the chance.

If anyone is in a rush for this let me know and I'll reassign the issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danielhb danielhb

Labels
backend enhancement
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
2 participants
@danielhb @potula-chandra