On 29.12.2017 at 10:32, Kenneth Porter wrote:
> How do I insert the iptables rule below using firewalld?
>
> I'm moving up from CentOS 6 to 7 on an office gateway and I'm trying
> to get OpenVPN working to allow home workers to access PCs at the
> office. I've got it all working but only by manually inserting an
> ACCEPT rule in the FORWARD iptables chain:
>
> iptables -I FORWARD 3 -i tun+ -j ACCEPT
>
> This rule was extracted from my iptables firewall under CentOS6. The 3
> puts it after the accepts for established connections and loopback
> connections, but before any firewalld sub-chains. With this I can
> connect to an internal Windows 10 system with Remote Desktop.
>
> How can I inject this rule using firewalld, either as a direct rule or
> as some more firewalld-approved kind of rule?

Hi,
Firstly, check which zone your interface is in:
bash> firewall-cmd --get-active-zones
Then all you have to do is add a service to the firewall:
firewall-cmd --zone=<INSERT YOUR ZONE> --add-service=openvpn --permanent
assuming that your OpenVPN is running on the standard port 1194/tcp|udp.
If not, then modify the firewall-cmd rule and add your port/proto,
e.g.
firewall-cmd --zone=<INSERT YOUR ZONE> --add-port=11193/tcp
I hope this will help you,
--
Pozdrawiam / Best regards
Wojciech Łysiak