Good morning Francisco J. Badaró Valente Neto,

what services do you offer?

Only http and https?

If you also offer rsync or ftp, those ports need to be open too.

As far I know there is no need for other open ports.

Keep in mind that you also use rsync to stay in sync. So the outgoing request to the server you sync from and the answer of this server need to pass the firewall.

Greetings from Germany

Lukas

Sent from my samsung smart fridge.

Francisco Badaró <francisco@itsbrasil.net> schrieb am Di., 21. Jan. 2020, 02:41:

Hello Centos community,

One question, in relation to security in mirror centos:

- Can I apply a default drop firewall , accept policy for only a few ports?

Accept only ports:

TCP/UDP Port 80 (http)
TCP Port 443 (https)

Are there any restrictions on the part of the CENTOS community for the application of firewall policy for the mirror host?

Have another Port to open in firewall ?

Best Regards,
------
Francisco J. Badaró Valente Neto
Gerente de Telecomunicações e Treinamento
ITS BRASIL
Chave Pública PGP: 3C0197DADD86E00869A1F3ABEED24941A5292F14
Tel.: + 55 71 34020870
Cel: +55 71 981717310
_______________________________________________
CentOS-mirror mailing list
CentOS-mirror@centos.org
https://lists.centos.org/mailman/listinfo/centos-mirror