misc/debian/bullseye/notes/firewall-firewalld.md


Firewalld

Install and set up firewalld.

Cheat sheet: https://www.liquidweb.com/kb/an-introduction-to-firewalld/

Install

The install is a simple apt install...

apt install firewalld

Add firewall rules.

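!!! RELOAD AFTER ADDING YOUR RULES, USE firewall-cmd --reload !!!

Rules added with --permanent are written to the saved configuration only; the running firewall does not apply them until the reload.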

Allow ssh, http and https...

firewall-cmd --zone=public --permanent --add-service=ssh
firewall-cmd --zone=public --permanent --add-service=http
firewall-cmd --zone=public --permanent --add-service=https

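Only allow a range of IPs...

Note that --add-source binds traffic from these ranges to the public zone; it does not block other addresses. Traffic from any other source still lands in the zone of its incoming interface (or the default zone), so if that is also public, the services above stay reachable from everywhere.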

firewall-cmd --zone=public --permanent --add-source=192.168.1.0/24
firewall-cmd --zone=public --permanent --add-source=192.168.156.0/24
firewall-cmd --zone=public --permanent --add-source=10.0.0.0/24

Sipgate...


firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="217.10.64.0/20" port protocol="udp" port="5060" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="217.116.112.0/20" port protocol="udp" port="5060" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="212.9.32.0/19" port protocol="udp" port="5060" accept'

firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="217.10.64.0/20" port protocol="udp" port="24000-26000" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="217.116.112.0/20" port protocol="udp" port="24000-26000" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" source address="212.9.32.0/19" port protocol="udp" port="24000-26000" accept'

List rules

To list all firewall rules:

firewall-cmd --list-all
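
A check for the reload warning above, as an added example that is not part of the original notes: it compares the permanent and runtime rich rules of a zone and prints the ones that are saved but not yet active. The function names `pending_rules` and `check_zone` are made up for this example, and the sample rule lines are constructed.

```sh
#!/bin/sh
# Added example: find rich rules saved with --permanent that the running
# firewall has not loaded yet (i.e. firewall-cmd --reload is still pending).

# Constructed sample data in the format printed by --list-rich-rules.
SAMPLE_PERMANENT='rule family="ipv4" source address="217.10.64.0/20" port port="5060" protocol="udp" accept
rule family="ipv4" source address="212.9.32.0/19" port port="5060" protocol="udp" accept'
SAMPLE_RUNTIME='rule family="ipv4" source address="217.10.64.0/20" port port="5060" protocol="udp" accept'

# pending_rules PERMANENT RUNTIME
# Prints every non-empty line of PERMANENT that has no exact match in RUNTIME.
pending_rules() {
    printf '%s\n' "$1" | while IFS= read -r rule; do
        [ -n "$rule" ] || continue
        printf '%s\n' "$2" | grep -Fxq -- "$rule" || printf '%s\n' "$rule"
    done
}

# check_zone ZONE: compare the live firewalld configuration (needs root).
check_zone() {
    zone_permanent=$(firewall-cmd --permanent --zone="$1" --list-rich-rules) || return 2
    zone_runtime=$(firewall-cmd --zone="$1" --list-rich-rules) || return 2
    zone_pending=$(pending_rules "$zone_permanent" "$zone_runtime")
    if [ -n "$zone_pending" ]; then
        echo "Zone $1: saved but not active, run firewall-cmd --reload:"
        echo "$zone_pending"
        return 1
    fi
    echo "Zone $1: runtime rich rules match the permanent configuration"
}

# "--live" checks the public zone on this host; otherwise show the sample.
if [ "${1:-}" = "--live" ]; then
    check_zone public
else
    echo "Pending in constructed sample:"
    pending_rules "$SAMPLE_PERMANENT" "$SAMPLE_RUNTIME"
fi
```

Run it with `--live` as root after adding rules; a non-zero exit status means a reload is still outstanding or firewalld could not be queried.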

Status / State

firewall-cmd --state