I'm having issues with an rsyncd. systemctl status rsyncd shows it running rsyncd.service - fast remote file copy program daemon Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled) Active: active (running) since Wed 2015-02-25 10:57:02 EST; 4h 43min ago Main PID: 31672 (rsync) CGroup: /system.slice/rsyncd.service `-31672 /usr/bin/rsync --daemon --no-detach
But firewall-cmd --list-all public (default, active) interfaces: em1 em2 sources: services: dhcpv6-client mountd nfs rpc-bind samba ssh ports: 631/udp 22/tcp masquerade: no forward-ports: icmp-blocks: rich rules:
And yet if I do iptables-save, it shows 873 open.
a) which should I believe, firewall-cmd or iptables-save? b) why does firewall-cmd not show 837 open? c) I've been googling, and know that I can tell firewall-cmd to open the port, but if there's a "correct" way, presumably one that will show rsyncd on the services line, I'd like to do it that way.
Clues?
mark
firewall-cmd --add-service=rsyncd
To make it permanent, do the above and this: firewall-cmd --permanent --add-service=rsyncd
Chris Murphy
Chris Murphy wrote:
firewall-cmd --add-service=rsyncd
firewall-cmd --add-service=rsyncd Error: INVALID_SERVICE: rsyncd
Is there another place that there needs to be an rsyncd service file, whatever it's supposed to be named, *other* than where systemd wants it?
mark
To make it permanent, do the above and this: firewall-cmd --permanent --add-service=rsyncd
Chris Murphy _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wed, 2015-02-25 at 16:33 -0500, m.roth@5-cent.us wrote:
Chris Murphy wrote:
firewall-cmd --add-service=rsyncd
firewall-cmd --add-service=rsyncd Error: INVALID_SERVICE: rsyncd
Is there another place that there needs to be an rsyncd service file, whatever it's supposed to be named, *other* than where systemd wants it?
mark
You can also specify the port firewall-cmd --permanent --add-port=<rsync_port>/tcp
To make it permanent, do the above and this: firewall-cmd --permanent --add-service=rsyncd
Chris Murphy _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wed, Feb 25, 2015 at 2:39 PM, Earl A Ramirez earlaramirez@gmail.com wrote:
On Wed, 2015-02-25 at 16:33 -0500, m.roth@5-cent.us wrote:
Chris Murphy wrote:
firewall-cmd --add-service=rsyncd
firewall-cmd --add-service=rsyncd Error: INVALID_SERVICE: rsyncd
Is there another place that there needs to be an rsyncd service file, whatever it's supposed to be named, *other* than where systemd wants it?
mark
You can also specify the port firewall-cmd --permanent --add-port=<rsync_port>/tcp
For what it's worth, anytime --permanent is used, the change is not dynamic, firewalld needs to be restarted. So instead, do the command twice, once with and once without --permanent. The order doesn't matter.
I'm on Fedora 22 Server which has this already:
# cat /usr/lib/firewalld/services/rsyncd.xml <?xml version="1.0" encoding="utf-8"?> <service> <short>Rsync in daemon mode</short> <description>Rsync in daemon mode works as a central server, in order to house centralized files and keep them synchronized.</description> <port protocol="tcp" port="873"/> <port protocol="udp" port="873"/> </service>
And also: # dnf provides /usr/lib/firewalld/services/rsyncd.xml Using metadata from Wed Feb 25 12:01:25 2015 firewalld-0.3.13-2.fc22.noarch : A firewall daemon with D-Bus interface providing a dynamic firewall Repo : @System
So I can't tell you if this will work in your case and if there's some way within firewall-cmd to create these service files or not.
Chris Murphy
Chris Murphy wrote:
I'm on Fedora 22 Server which has this already:
# cat /usr/lib/firewalld/services/rsyncd.xml
<?xml version="1.0" encoding="utf-8"?>
<service> <short>Rsync in daemon mode</short> <description>Rsync in daemon mode works as a central server, in order to house centralized files and keep them synchronized.</description> <port protocol="tcp" port="873"/> <port protocol="udp" port="873"/> </service>
And also: # dnf provides /usr/lib/firewalld/services/rsyncd.xml Using metadata from Wed Feb 25 12:01:25 2015 firewalld-0.3.13-2.fc22.noarch : A firewall daemon with D-Bus interface providing a dynamic firewall Repo : @System
So I can't tell you if this will work in your case and if there's some way within firewall-cmd to create these service files or not.
Ok, *that's* the missing file. I looked in both /etc/firewalld/services and /usr/lib/firewalld/services, and there's no rsyncd in either.
So, is this a CentOS bug, or upstream's problem?
mark
On Wed, Feb 25, 2015 at 4:14 PM, m.roth@5-cent.us wrote:
So, is this a CentOS bug, or upstream's problem?
No idea. Guessing, it's probably missing upstream because at the time firewalld was stabilizing for RHEL7 it was brand new even on Fedora. So I'll bet a bunch of service files just aren't created.