RHCE Use firewalld

RHCE Objective: Use firewalld and associated mechanisms such as rich rules, zones, and custom rules, to implement packet filtering and configure network address translation (NAT).

http://www.certdepot.net/rhel7-get-started-firewalld/

This is clearly necessary to pass the exam, so we’ll just have to dig in. In my current shop, we don’t have firewalls on servers and depend on external firewall and zone management.

Status:

Standard command to check firewalld:

systemctl status firewalld

If you have a multi-homed environment, you’ll need to set net.ipv4.ip_forward=1 in /etc/sysctl.conf so the kernel forwards packets between interfaces.

Zones:

With a bastion host (for example), you’ll have a public facing interface and an interface that you as an admin can log in to. You can use the default (or public) zone or create a new zone for admin traffic (management zone).
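The bastion layout described above, as an added example that is not part of the original post: it creates a management zone, binds the admin interface to it, and allows SSH only there through a rich rule. The helper names (fw, valid_name, bastion_zones), the interface names eth0/eth1 and the admin network 10.0.0.0/24 are assumptions; the script only prints the firewall-cmd calls unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example (not from the original post). Helper names, interface
# names and the admin network are constructed for illustration.

# fw: print the firewall-cmd call; execute it only when APPLY=1.
fw() {
    printf '%s\n' "firewall-cmd $*"
    if [ "${APPLY:-0}" = "1" ]; then firewall-cmd "$@"; fi
}

# valid_name: reject empty values and anything outside [A-Za-z0-9_.-].
valid_name() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    return 0
}

# bastion_zones PUBLIC_IF ADMIN_IF ADMIN_NET [ZONE]
bastion_zones() {
    pub_if=${1:-} adm_if=${2:-} adm_net=${3:-} zone=${4:-management}
    if ! valid_name "$pub_if" || ! valid_name "$adm_if" || ! valid_name "$zone"; then
        echo "bad interface or zone name" >&2; return 2
    fi
    if [ "$pub_if" = "$adm_if" ]; then
        echo "public and admin interface must differ" >&2; return 2
    fi
    case "$adm_net" in
        ''|*[!0-9./]*) echo "bad IPv4 network: $adm_net" >&2; return 2 ;;
    esac
    # Order matters: SSH is allowed in the management zone before it is
    # removed from public, and the chain stops at the first failing step.
    fw --permanent --new-zone="$zone" &&
    fw --permanent --zone="$zone" --change-interface="$adm_if" &&
    fw --permanent --zone=public --change-interface="$pub_if" &&
    fw --permanent --zone="$zone" --add-rich-rule="rule family=\"ipv4\" source address=\"$adm_net\" service name=\"ssh\" accept" &&
    fw --permanent --zone=public --remove-service=ssh &&
    fw --reload &&
    fw --get-active-zones   # verify which interface landed in which zone
}

# Dry run by default: sh zones.sh eth0 eth1 10.0.0.0/24
# Apply for real:     APPLY=1 sh zones.sh eth0 eth1 10.0.0.0/24
if [ "$#" -ge 3 ]; then bastion_zones "$@"; fi
```

Apply it from the console or over the management interface, since the public zone loses SSH once the reload happens.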
