I've upgraded to CentOS 7, with which comes firewalld instead of iptables. How do I configure firewalld to block all except a whitelist of HTTP traffic? I'd like to leave all other services enabled for now.
I attempted to block all incoming with firewall-cmd --remove-service=http then firewall-cmd --reload, but that didn't block the traffic.
# firewall-cmd --list-all
public (default)
interfaces:
sources:
services: dhcpv6-client http ssh
ports: 27017/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
# firewall-cmd --state
running