List: firewalld-users
Subject: Re: How do I get a specific text in the firewall log for specified tcp ports in zone public?
From: Freek de Kruijf <f.de.kruijf () gmail ! com>
Date: 2021-12-12 14:50:51
Message-ID: 3008530.TBvQxneWjC () eiktum
On Saturday 11 December 2021 11:45:22 CET Andrew Moore wrote:
> > I have the interface in the public zone and I have the source
> > 192.168.178.0/24 in the internal zone. My understanding is that all
> > packets coming in on the interface without a source address mentioned in
> > the internal zone enter the public zone. So these last packets should be
> > processed by the rules in that public zone, which apparently does not
> > happen, at least not the ones that finally get rejected.
>
>
> Hi,
>
> I'm not a firewalld/nftables expert, but from your description, it seems
> that you want all TCP traffic addressed to a specified port range to be
> rejected and logged. If so, then rather than adding your rich rule(s) to the
> public zone, how about adding them to the internal zone, whose rules are
> evaluated prior to public's (according to the article:
> https://www.linuxjournal.com/content/understanding-firewalld-multi-zone-configurations)?
The problem of these messages not appearing in the log was caused by an
issue in my router and not by the configuration of the firewall.
In the end I could skip the use of firewalld and use nftables directly.
I needed this for the honeypot software on https://github.com/DShield-ISC/dshield/
to adapt it for the change to nftables instead of iptables, which is
declared obsolete.
--
fr.gr.
Freek de Kruijf