Re: Request for a firewalld secondary DHCP + PXEBOOT HOWTO

2013-02-15 Thread Pete Travis 
On Feb 15, 2013 6:39 AM, "Aaron Gray"  wrote:

>
> Pete,
>
> Yeah that's the easy bits, they need details too. The bit I have yet to
find out how to do is to forward HTTPS and DNS ports between the
primary internet network and the secondary DHCP BOOTP network on
192.168.1.x. I had this working on Shorewall but have taken the time to
work it out on iptables or firewalld ideally and was hoping for a quick fix
without having to reread iptables docs or learn firewalld configuration.
>
> Cheers for the link,
>
> Aaron

Port forwarding is simply and clearly documented in 'man firewall-cmd'.
Unless you're looking for masquerading, which is easily done per the man
page as well. I believe there are some firewalld docs in the works, fwiw.

Serving the installation repository from an outside network is a use case
straying from the norm; I wouldn't consider the installation guide lacking
because it does not document it.

--pete
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Re: Request for a firewalld secondary DHCP + PXEBOOT HOWTO

2013-02-15 Thread Aaron Gray 
On 14 February 2013 19:16, Pete Travis  wrote:

>  On Feb 14, 2013 12:03 PM, "Pete Travis"  wrote:
> >
> >
> > On Feb 9, 2013 3:47 AM, "Aaron Gray"  wrote:
> > >
> > > On 7 February 2013 16:41, "Jóhann B. Guðmundsson" 
> wrote:
> > >>
> > >> On 02/07/2013 04:23 PM, Aaron Gray wrote:
> > >>>
> > >>> Can someone who knows firewalld please do a HOWTO to on setting up a
> secondary DHCP with DNS and HTTPS access for PXEBOOTing of Fedora18 please
> to go with the PXEBOOT HOWTO :-
> > >>>
> > >>> http://linux-sxs.org/internet_serving/pxeboot.html
> > >>>
> > >>> Hope someone can help, I put I message on the User List but got no
> response.
> > >>>
> > >>
> > >>
> > >> Well what seems to be standards sysadmin practice with firewalld on
> servers is to disable it and enable iptables.
> > >>
> > >> Firewalld is aimed at desktop users and roaming hardware which makes
> "zones" useless concept for static server within an corporate
> infrastructure.
> > >>
> > >> So the missing steps for your guide simply are...
> > >>
> > >> systemctl stop firewalld*
> > >> systemctl disable firewalld*
> > >> systemctl enable iptables.service
> > >> systemctl start iptables.service
> > >>
> > >
> > >
> > > Jóhann,
> > >
> > > That's okay so far, sort of makes sense, but I though firewalld had
> equivalent functionality to iptables. Anyway I still need a HOWTO on
> setting up a secondary DHCP on a second Ethernet controller in order to run
> PXEBOOT.
> > >
> > > Thanks for the reply anyway,
> > >
> > > Aaron
> > >
> > >
> >
> > Have you looked at
> >
> http://docs.fedoraproject.org/en-US/Fedora/17/html/Installation_Guide/sn-pxe-server-manual.html?
>  If so, can you elaborate on what is missing?
>
> Oops, that should be
> http://docs.fedoraproject.org/en-US/Fedora/18/html/Installation_Guide/sn-pxe-server-manual.html
>
Pete,

Yeah that's the easy bits, they need details too. The bit I have yet to
find out how to do is to forward HTTPS and DNS ports between the
primary internet network and the secondary DHCP BOOTP network on
192.168.1.x. I had this working on Shorewall but have taken the time to
work it out on iptables or firewalld ideally and was hoping for a quick fix
without having to reread iptables docs or learn firewalld configuration.

Cheers for the link,

Aaron


> --
> devel mailing list
> devel@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
>
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Re: Request for a firewalld secondary DHCP + PXEBOOT HOWTO

2013-02-14 Thread Pete Travis 
On Feb 14, 2013 12:03 PM, "Pete Travis"  wrote:
>
>
> On Feb 9, 2013 3:47 AM, "Aaron Gray"  wrote:
> >
> > On 7 February 2013 16:41, "Jóhann B. Guðmundsson" 
wrote:
> >>
> >> On 02/07/2013 04:23 PM, Aaron Gray wrote:
> >>>
> >>> Can someone who knows firewalld please do a HOWTO to on setting up a
secondary DHCP with DNS and HTTPS access for PXEBOOTing of Fedora18 please
to go with the PXEBOOT HOWTO :-
> >>>
> >>> http://linux-sxs.org/internet_serving/pxeboot.html
> >>>
> >>> Hope someone can help, I put I message on the User List but got no
response.
> >>>
> >>
> >>
> >> Well what seems to be standards sysadmin practice with firewalld on
servers is to disable it and enable iptables.
> >>
> >> Firewalld is aimed at desktop users and roaming hardware which makes
"zones" useless concept for static server within an corporate
infrastructure.
> >>
> >> So the missing steps for your guide simply are...
> >>
> >> systemctl stop firewalld*
> >> systemctl disable firewalld*
> >> systemctl enable iptables.service
> >> systemctl start iptables.service
> >>
> >
> >
> > Jóhann,
> >
> > That's okay so far, sort of makes sense, but I though firewalld had
equivalent functionality to iptables. Anyway I still need a HOWTO on
setting up a secondary DHCP on a second Ethernet controller in order to run
PXEBOOT.
> >
> > Thanks for the reply anyway,
> >
> > Aaron
> >
> >
>
> Have you looked at
>
http://docs.fedoraproject.org/en-US/Fedora/17/html/Installation_Guide/sn-pxe-server-manual.html?
If so, can you elaborate on what is missing?

Oops, that should be
http://docs.fedoraproject.org/en-US/Fedora/18/html/Installation_Guide/sn-pxe-server-manual.html
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Re: Request for a firewalld secondary DHCP + PXEBOOT HOWTO

2013-02-14 Thread Pete Travis 
On Feb 9, 2013 3:47 AM, "Aaron Gray"  wrote:
>
> On 7 February 2013 16:41, "Jóhann B. Guðmundsson" 
wrote:
>>
>> On 02/07/2013 04:23 PM, Aaron Gray wrote:
>>>
>>> Can someone who knows firewalld please do a HOWTO to on setting up a
secondary DHCP with DNS and HTTPS access for PXEBOOTing of Fedora18 please
to go with the PXEBOOT HOWTO :-
>>>
>>> http://linux-sxs.org/internet_serving/pxeboot.html
>>>
>>> Hope someone can help, I put I message on the User List but got no
response.
>>>
>>
>>
>> Well what seems to be standards sysadmin practice with firewalld on
servers is to disable it and enable iptables.
>>
>> Firewalld is aimed at desktop users and roaming hardware which makes
"zones" useless concept for static server within an corporate
infrastructure.
>>
>> So the missing steps for your guide simply are...
>>
>> systemctl stop firewalld*
>> systemctl disable firewalld*
>> systemctl enable iptables.service
>> systemctl start iptables.service
>>
>
>
> Jóhann,
>
> That's okay so far, sort of makes sense, but I though firewalld had
equivalent functionality to iptables. Anyway I still need a HOWTO on
setting up a secondary DHCP on a second Ethernet controller in order to run
PXEBOOT.
>
> Thanks for the reply anyway,
>
> Aaron
>
>

Have you looked at
http://docs.fedoraproject.org/en-US/Fedora/17/html/Installation_Guide/sn-pxe-server-manual.html?
If so, can you elaborate on what is missing?
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Re: Request for a firewalld secondary DHCP + PXEBOOT HOWTO

2013-02-14 Thread Aaron Gray 
On 14 February 2013 14:13, Thomas Woerner  wrote:

> On 02/07/2013 05:23 PM, Aaron Gray wrote:
>
>> Can someone who knows firewalld please do a HOWTO to on setting up a
>> secondary DHCP with DNS and HTTPS access for PXEBOOTing of Fedora18
>> please to go with the PXEBOOT HOWTO :-
>> http://linux-sxs.org/internet_**serving/pxeboot.html
>> Hope someone can help, I put I message on the User List but got no
>> response.
>> Aaron
>>
>>
>>
> Do you want to provide this for IPv4 or IPv6 or both?
> The ports that need to be opened are different for DHCPv4 and DHCPv6.


Hi Thomas,

Thanks for the reply. Its for installing Fedora 18 from Fedora 18 on old CD
less servers so IPv4 ideally but it would be good to do a HOWTO for IPv6 as
well. The DHCP part is relatively simple and have done this before its the
routing from one subnet to another that is the part I have not been able to
work out. I don't know whether this can be done directly with firewalld or
whether as suggested earlier in the thread to revert to using iptables.

Aaron


>
>
> Thomas
> --
> devel mailing list
> devel@lists.fedoraproject.org
> https://admin.fedoraproject.**org/mailman/listinfo/devel
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Re: Request for a firewalld secondary DHCP + PXEBOOT HOWTO

2013-02-14 Thread Thomas Woerner 

On 02/07/2013 05:23 PM, Aaron Gray wrote:

Can someone who knows firewalld please do a HOWTO to on setting up a
secondary DHCP with DNS and HTTPS access for PXEBOOTing of Fedora18
please to go with the PXEBOOT HOWTO :-
http://linux-sxs.org/internet_serving/pxeboot.html
Hope someone can help, I put I message on the User List but got no response.
Aaron




Do you want to provide this for IPv4 or IPv6 or both?
The ports that need to be opened are different for DHCPv4 and DHCPv6.

Thomas
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Re: Request for a firewalld secondary DHCP + PXEBOOT HOWTO

2013-02-09 Thread Aaron Gray 
On 7 February 2013 16:41, "Jóhann B. Guðmundsson" wrote:

>  On 02/07/2013 04:23 PM, Aaron Gray wrote:
>
> Can someone who knows firewalld please do a HOWTO to on setting up a
> secondary DHCP with DNS and HTTPS access for PXEBOOTing of Fedora18 please
> to go with the PXEBOOT HOWTO :-
>
> http://linux-sxs.org/internet_serving/pxeboot.html
>
> Hope someone can help, I put I message on the User List but got no
> response.
>
>
>
> Well what seems to be standards sysadmin practice with firewalld on
> servers is to disable it and enable iptables.
>
> Firewalld is aimed at desktop users and roaming hardware which makes
> "zones" useless concept for static server within an corporate
> infrastructure.
>
> So the missing steps for your guide simply are...
>
> systemctl stop firewalld*
> systemctl disable firewalld*
> systemctl enable iptables.service
> systemctl start iptables.service
>
>

Jóhann,

That's okay so far, sort of makes sense, but I though firewalld had
equivalent functionality to iptables. Anyway I still need a HOWTO on
setting up a secondary DHCP on a second Ethernet controller in order to run
PXEBOOT.

Thanks for the reply anyway,

Aaron
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Re: Request for a firewalld secondary DHCP + PXEBOOT HOWTO

2013-02-08 Thread Jóhann B. Guðmundsson 

On 02/07/2013 04:23 PM, Aaron Gray wrote:
Can someone who knows firewalld please do a HOWTO to on setting up a 
secondary DHCP with DNS and HTTPS access for PXEBOOTing of Fedora18 
please to go with the PXEBOOT HOWTO :-

http://linux-sxs.org/internet_serving/pxeboot.html
Hope someone can help, I put I message on the User List but got no 
response.




Well what seems to be standards sysadmin practice with firewalld on 
servers is to disable it and enable iptables.


Firewalld is aimed at desktop users and roaming hardware which makes 
"zones" useless concept for static server within an corporate 
infrastructure.


So the missing steps for your guide simply are...

systemctl stop firewalld*
systemctl disable firewalld*
systemctl enable iptables.service
systemctl start iptables.service

JBG
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel