Is there a simple way to export/import firewalld settings? I'd like to set firewalld on one server an then use the same for a lot of others. Including adding custom zones, direct rules etc.
Asked
Active
Viewed 2.0k times
1 Answers
16
Firewalld stores its configuration in /etc/firewalld and within that directory you can find various configuration files:
firewalld.confprovides overall configuration.- Files in the
zonesdirectory provide your custom firewall rules for each zone. - Files in the
servicesdirectory provide custom services you have defined. - Files in the
icmptypesdirectory provide custom icmptypes you have defined.
There is a matching directory structure in /usr/lib/firewalld which provides the defaults for zones, services and icmptypes, in case you want to start customizing from a template, or simply see what the files look like.
The firewall configuration of the main services (ftp, httpd, etc) comes in the /usr/lib/firewalld/services directory. But it is still possible to add new ones in the /etc/firewalld/services directory. Also, if files exist at both locations for the same service, the file in the /etc/firewalld/services directory takes precedence.
Michael Hampton
- 237,123
- 42
- 477
- 940
-
5Just to add to this - if SELinux is enabled you'll need to fix the permissions on the files if you copy from one server to another. – Boden Garman Oct 14 '15 at 23:32