eSGR Documentation

This is an old revision of the document!

Generic (Permanent) Port

firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload

SNMPD

Create Profile

vim /etc/firewalld/services/snmp.xml

<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>SNMP</short>
  <description>SNMP protocol</description>
  <port protocol="udp" port="161"/>
</service>

Add Rule

firewall-cmd --reload
firewall-cmd --zone=public --add-service snmp --permanent
firewall-cmd --reload

Cockpit

firewall-cmd --add-service=cockpit
firewall-cmd --add-service=cockpit --permanent

Allow traffic through bridge

firewall-cmd –permanent –direct –passthrough ipv4 -I FORWARD -i vbr0 -j ACCEPT firewall-cmd –permanent –direct –passthrough ipv4 -I FORWARD -o vbr0 -j ACCEPT firewall-cmd –reload

http/s

By Service name

firewall-cmd --zone=public --permanent --add-service=http
firewall-cmd --zone=public --permanent --add-service=https
firewall-cmd --reload

By Port

firewall-cmd –permanent –add-port=80/tcp firewall-cmd –permanent –add-port=443/tcp firewall-cmd –reload

Firewalld