Re: Disabling Firewall/iptables on CentOS 7??

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 3/24/2017 3:16 AM, Łukasz Posadowski wrote:
Data Wed, 22 Mar 2017 19:56:03 -0400
James Pifer <jep@xxxxxxxxxxxxxxxx> wrote:

I apologize if this has been asked and answered, but I googled and
attempted things for several hours today without success.
Iptables isn't used by default, at least not directly. Easiest way to
do dosable firewall is:
# systemctl mask firewalld
and restart the machine.

192.168.122. subnet is something for libvirt and KVM. I have it
completely disabled on my locals and VPSes without any problem.

If You write specific rules in /etc/sysconfig/iptables
and /etc/sysconfig/ip6tables, with
-F
-X
-P INPUT DROP
at the beginning, any trace of 192.168.122 will be gone. Here's mine
ipv4 rules for my local machines:
------------------------
*filter
-F
-X
-P INPUT DROP
-A INPUT -s 0/0 -m state --state RELATED,ESTABLISHED -j ACCEPT

# localhost
-A INPUT -i lo -j ACCEPT

# ping
-A INPUT -p icmp -j ACCEPT

# ssh
-A INPUT -s 192.168.234.0/24 -p tcp --dport 22 -j ACCEPT

COMMIT
------------------------


Thanks for the help.

Basically I was making it more complex than it needed to be. Disabling firewalld and removing the libvirt NIC did the job.

Thanks
James
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux