Page 89 - RHEL8 BOOK
P. 89

Step 3: Mask Iptables & ip6tables services
          Disabling service and Stopping service will help us to keep services in stop state but later if you start
          services will start. If we add mask to service unfortunately if you try to start the service also service will
          not start until service need to be unmask
          [root@server ~]# systemctl mask ip6tables
          [root@server ~]# systemctl mask iptables
          [root@server ~]# systemctl status iptables
          [root@server ~]# systemctl status ip6tables

          Packages for firewall will be included in installation media itself no need to configure external
          repositories, if you want you can also configure EPEL repository OR Local repository
          Step 4: Install packages using yum command
          [root@Server ~]# yum install -y firewalld firewall-config
          [root@server ~]# systemctl status firewalld
          [root@server ~]# systemctl enable firewalld.service
          [root@server ~]# systemctl start firewalld.service

          Step 5: Check your default zone and active zone
          [root@server ~]# firewall-cmd --get-default-zone
          Public

          Step 6: Change Default Zone & verify active zone
          [root@server ~]# firewall-cmd --set-default-zone=home
          Success
          [root@server ~]# firewall-cmd --get-default-zone
          Home
          [root@server ~]# firewall-cmd --get-active-zones
          Public
          Step 7: check firewall version
          [root@server ~]# firewall-cmd --version

          Step 8: List out interfaces in zone
          [root@server ~]# firewall-cmd --zone=public --list-interfaces

          Step 9: Add new interface to Zone
          [root@server ~]# firewall-cmd --add-interface=eth0 --zone=public
          Success
          Step 10: Remove Interface from Zone
          [root@server ~]# firewall-cmd --remove-interface=eth0 --zone=public
          Success

          Step 11: List out currently loaded services on firewall
          [root@server ~]# firewall-cmd --get-services
          [root@server ~]# firewall-cmd --permanent --get-services

          Step 12: To drop all incoming and out going packets
          [root@server ~]# firewall-cmd --panic-on    [Disable incoming and out going packets]
          [root@server ~]# firewall-cmd --panic-off   [Enable incoming out going packets]
          [root@server ~]# firewall-cmd --query-panic  [check panic mode is enabled or disabled]



                                                       S. Pradhan
                             (MCA, MBA-IT, BCA, CCNA, MCSA 2012, RHCE, ETHICAL HACKING)
                                             Email Id:-spradhan.iiht@gmail.com
                                                           89
   84   85   86   87   88   89   90   91   92   93   94