Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-23 Thread Mike
On Mon, May 23, 2016 at 4:10 PM, James Hogarth wrote:
>
> Using DIRECT bypasses all the zone and service stuff.
>
> Frankly if you're going to DIRECT everything then you really are better off
> masking (and removing) firewalld and installing iptables-service and just
>

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-23 Thread James Hogarth
On 23 May 2016 21:03, "Mike" <1100...@gmail.com> wrote:
>
> The closest thing I could find to an iptables to firewalld conversion tool
> was Offline Configuration.
> The firewall-offline-cmd command was created to help set up firewall rules
> when Firewalld is not running.
>
> For instance, to open

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-23 Thread Eero Volotinen
well, no. it's a bit different animal..

Eero

2016-05-23 22:24 GMT+03:00 Kenneth Porter :
> On 5/22/2016 9:45 PM, Eero Volotinen wrote:
>
>> Firewalld is the preferred way. You should learn it..
>>
>
> Are there any good tools for converting an iptables-save file to a
>

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-23 Thread Mike
The closest thing I could find to an iptables to firewalld conversion tool was Offline Configuration. The firewall-offline-cmd command was created to help set up firewall rules when Firewalld is not running. For instance, to open the tcp port 22, you would type in the /etc/sysconfig/iptables file:

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-23 Thread Kenneth Porter
On 5/22/2016 9:45 PM, Eero Volotinen wrote:
> Firewalld is the preferred way. You should learn it..

Are there any good tools for converting an iptables-save file to a Firewalld configuration?

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-23 Thread Mike
Thank you, Mr. Korren.
I'll practice a few times and see if I can reproduce my original rule set.
Best regards.

On May 23, 2016 1:39 AM, "Barak Korren" wrote:
> >
> > If I'm understanding correctly, write out all rules in a bash terminal and
> > run them, and then do

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-22 Thread Barak Korren
>
> If I'm understanding correctly, write out all rules in a bash terminal and
> run them, and then do /usr/sbin/iptables-save ---
>
> ~#/usr/sbin/iptables rule;
> ~#/usr/sbin/iptables rule;
> ~#/usr/sbin/iptables rule;
> ~#/usr/sbin/iptables rule;
> ~#/usr/sbin/iptables rule;
> ~#/usr/sbin/iptables

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-22 Thread Eero Volotinen
You need to disable firewalld and install iptables, if you really want to use the old way:

https://www.certdepot.net/rhel7-disable-firewalld-use-iptables/

Firewalld is the preferred way. You should learn it..

--
Eero

2016-05-23 5:55 GMT+03:00 Mike <1100...@gmail.com>:
> The last two router/firewall

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-22 Thread Mike
On Sun, May 22, 2016 at 11:55 PM, Barak Korren wrote:
> On 23 May 2016 05:56,
> The syntax comes from the output of the 'iptables-save' command.
> You can configure 'iptables' from the command line as you normally would
> and then run
>
> iptables-save >

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-22 Thread Barak Korren
On 23 May 2016 05:56, "Mike" <1100...@gmail.com> wrote:
>
> After using iptables for a long time, I can't figure out where this syntax
> comes from.
> Can anyone point me in the right direction to understand the proper syntax
> necessary in /etc/sysconfig/iptables?
>

The syntax comes from

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-22 Thread Mike
On Sun, May 22, 2016 at 11:02 PM, Rob Kampen wrote:
> By default CentOS 7 uses firewalld and not iptables - check what is
> enabled and running with
>
>    systemctl status firewalld.service
>

systemctl reports:

systemctl status firewalld.service
● firewalld.service

Re: [CentOS] /etc/sysconfig/iptables syntax

2016-05-22 Thread Rob Kampen
On 23/05/16 14:55, Mike wrote:
> The last two router/firewall servers I had used Slackware and Gentoo. I'm used to writing complete and explicit iptables rules; however, when I set up /etc/sysconfig/iptables in CentOS 7 my usual syntax is unusable. For example, I'm used to stating postrouting

[CentOS] /etc/sysconfig/iptables syntax

2016-05-22 Thread Mike
The last two router/firewall servers I had used Slackware and Gentoo. I'm used to writing complete and explicit iptables rules; however, when I set up /etc/sysconfig/iptables in CentOS 7 my usual syntax is unusable. For example, I'm used to stating postrouting masquerade as: /usr/sbin/iptables