Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include the FirewallD equivalents to the UFW Rules #930

Open
3 tasks done
jSQrD-dev opened this issue Nov 8, 2024 · 0 comments
Open
3 tasks done

Include the FirewallD equivalents to the UFW Rules #930

jSQrD-dev opened this issue Nov 8, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@jSQrD-dev
Copy link

Is your feature request related to a problem? Please describe.

There's currently no FirewallD support.

Describe the solution you'd like

Include the FirewallD equivalents of the UFW rules

    systemtcl enable --now firewalld
    firewall-cmd --state
    # Limiting Workaround (https://github.com/firewalld/firewalld/issues/70)
    firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT_direct 0 -p tcp --dport 22 \
        -m state --state NEW -m recent --set
    firewall-cmd --permanent --direct --add-rule ipv6 filter INPUT_direct 0 -p tcp --dport 22 \
        -m state --state NEW -m recent --set
    firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT_direct 1 -p tcp --dport 22 \
        -m state --state NEW -m recent --update --seconds 30 --hitcount 6 \
        -j REJECT --reject-with tcp-reset
    firewall-cmd --permanent --direct --add-rule ipv6 filter INPUT_direct 1 -p tcp --dport 22 \
        -m state --state NEW -m recent --update --seconds 30 --hitcount 6 \
        -j REJECT --reject-with tcp-reset
    # Allow HTTP/S
    firewall-cmd --permanent --add-service=http
    firewall-cmd --permanent --add-service=https
    firewall-cmd --reload

Describe alternatives you've considered

Do it manually.

Additional context

Checklist

  • I checked for duplicate issues.
  • I checked already existing discussions.
  • This feature is not included in the roadmap.
@jSQrD-dev jSQrD-dev added the enhancement New feature or request label Nov 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jSQrD-dev