
I've upgraded to CentOS7, with which comes firewalld instead of iptables. How do I configure firewalld to block all except a whitelist of http traffic? I'd like to leave all other services enabled for now.

I attempted to block all incoming with firewall-cmd --remove-service=http then firewall-cmd --reload, but that didn't block the traffic.

# firewall-cmd --list-all
public (default)
  interfaces:
  sources:
  services: dhcpv6-client http ssh
  ports: 27017/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

# firewall-cmd --state
running
Isius
  • Please add to your question the active zone, the services active in that zone, list of interfaces as seen by firewalld and the status of the firewalld service. – dawud Nov 10 '14 at 14:08
  • You have two separate questions here. Please post only one question per "question". – Michael Hampton Nov 10 '14 at 18:13
  • I count one. "How do I configure firewalld to block all except a whitelist of http traffic?" – Isius Nov 10 '14 at 19:22

0 Answers
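
An added example, not part of the original question or its comments: `--remove-service=http` without `--permanent` changes only the runtime configuration, and `--reload` then restores the permanent one, so the sketch below removes the blanket `http` service permanently and adds one rich rule per allowed source before reloading. The `http_whitelist`, `fw` and `rich_rule` helpers, the `APPLY` switch and the source addresses are assumptions made for illustration; the zone is the `public` zone shown in the question's output, and other services in it are left as they are.

```shell
#!/bin/sh
# Added example: print (or, with APPLY=1, also run) the firewall-cmd calls
# that limit HTTP in one zone to a whitelist of IPv4 source networks.
# The addresses at the bottom are constructed documentation ranges.
ZONE="${ZONE:-public}"

rich_rule() {  # $1 = allowed IPv4 source, e.g. 192.0.2.0/24
    printf 'rule family="ipv4" source address="%s" service name="http" accept' "$1"
}

fw() {  # print the command line; execute it only when APPLY=1 (needs root)
    line="firewall-cmd"
    for a in "$@"; do
        case $a in
            *" "*) line="$line '$a'" ;;   # quote arguments containing spaces
            *)     line="$line $a" ;;
        esac
    done
    printf '%s\n' "$line"
    if [ "${APPLY:-0}" = 1 ]; then firewall-cmd "$@"; fi
}

http_whitelist() {  # args: one or more allowed IPv4 sources
    [ "$#" -gt 0 ] || { echo "usage: http_whitelist CIDR..." >&2; return 2; }
    for src in "$@"; do   # validate everything before changing anything
        case $src in
            ""|*[!0-9./]*) echo "rejecting source: $src" >&2; return 2 ;;
        esac
    done
    # Remove the blanket allow from the permanent config, not only the runtime one.
    fw --permanent --zone="$ZONE" --remove-service=http
    for src in "$@"; do
        fw --permanent --zone="$ZONE" --add-rich-rule="$(rich_rule "$src")"
    done
    # Reload replaces the runtime rules with the permanent configuration.
    fw --reload
    fw --zone="$ZONE" --list-all
}

http_whitelist 192.0.2.0/24 198.51.100.7/32
```

After applying, `http` should be gone from the `services:` line of `--list-all` and the sources should appear under `rich rules:`.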