The Geek Diary

How to Migrate CentOS/RHEL 6 iptables Rules to CentOS/RHEL 7 firewalld

by admin

Below we demonstrate three common methods for converting iptables rules into firewalld controls. Our example converts one chain and one rule taken from the output of the iptables-save command:

:LOG_TEST_NEW - [0:0]
-A LOG_TEST_NEW -m limit --limit 2/min -j LOG --log-prefix "New Connection"

The example rule logs up to two log entries per minute. Each log entry is labeled with the string "New Connection".

Using The firewalld GUI (Applications -> Sundry -> Firewall)

1. Create a Rule Chain

2. Add the rule and bind it to the rule chain

Using The firewall-cmd Command Line

# firewall-cmd --direct --add-chain ipv4 filter LOG_TEST_NEW
# firewall-cmd --direct --add-rule ipv4 filter LOG_TEST_NEW 0 -m limit --limit 2/min -j LOG --log-prefix 'New Connection' --log-level 4
success

Editing The /etc/firewalld/direct.xml Ruleset

# cat /etc/firewalld/direct.xml
<?xml version="1.0" encoding="utf-8"?>
<direct>
  <chain table="filter" ipv="ipv4" chain="LOG_TEST_NEW" />
  <rule priority="0" table="filter" ipv="ipv4" chain="LOG_TEST_NEW"> -m limit --limit 2/min -j LOG --log-prefix 'New Connection' --log-level 4 </rule>
</direct>
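
The command-line method above, generalized to a whole ruleset: this added example (not code from the original article) reads iptables-save output and prints the matching firewall-cmd --direct commands for review, without executing them. The function names, the sample ruleset (two of its three rules are constructed) and the default to the filter table are assumptions of the example.

```shell
#!/bin/sh
# Added example (not from the original article): turn iptables-save output on
# stdin into firewall-cmd --direct commands on stdout. Nothing is executed.
ipt_to_direct() {
    awk '
    BEGIN { table = "filter" }       # assumption: fragments without "*table" are filter rules
    /^\*/ { table = substr($0, 2); next }
    /^:/  {                          # ":CHAIN POLICY [pkts:bytes]"
        if ($2 == "-")               # policy "-" marks a user-defined chain
            printf "firewall-cmd --permanent --direct --add-chain ipv4 %s %s\n", table, substr($1, 2)
        next
    }
    /^-A / {
        chain = $2; rest = $0
        sub(/^-A [^ ]+ /, "", rest)  # keep matches and target exactly as saved
        # firewalld does not fix the order of equal-priority rules, so number
        # them per chain to preserve the original top-to-bottom order.
        p = prio[table, chain]++
        printf "firewall-cmd --permanent --direct --add-rule ipv4 %s %s %d %s\n", table, chain, p, rest
    }'
}

# Constructed sample: the rule from the article plus two constructed rules.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:LOG_TEST_NEW - [0:0]
-A INPUT -m state --state NEW -j LOG_TEST_NEW
-A LOG_TEST_NEW -m limit --limit 2/min -j LOG --log-prefix "New Connection"
-A LOG_TEST_NEW -j RETURN
COMMIT
EOF
}

sample_rules | ipt_to_direct
```

The emitted commands use --permanent, so the rules survive a restart but take effect only after firewall-cmd --reload.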

Filed Under: CentOS/RHEL 6, CentOS/RHEL 7, Linux

© 2022 · The Geek Diary