And if you're running IPv4 and IPv6, remember to ensure that the firewall allows on both v4 and v6 addresses families. Please also allow ICMP so users can diagnose connection problems more easily (allow them to ping your server). Cheers from Canada, Jonathan On 2020-01-21 00:02, Alpix wrote: > Good morning Francisco J. Badaró Valente Neto, > > what services do you offer? > Only http and https? > > If you also offer rsync or ftp, those ports need to be open too. > > As far I know there is no need for other open ports. > Keep in mind that you also use rsync to stay in sync. So the outgoing > request to the server you sync from and the answer of this server need > to pass the firewall. > > > Greetings from Germany > Lukas > > > Sent from my samsung smart fridge. > > Francisco Badaró <francisco at itsbrasil.net > <mailto:francisco at itsbrasil.net>> schrieb am Di., 21. Jan. 2020, 02:41: > > Hello Centos community, > > One question, in relation to security in mirror centos: > > - Can I apply a default drop firewall , accept policy for only a few > ports? > > Accept only ports: > > TCP/UDP Port 80 (http) > TCP Port 443 (https) > > Are there any restrictions on the part of the CENTOS community for > the application of firewall policy for the mirror host? > > Have another Port to open in firewall ? > > Best Regards, > ------ > Francisco J. Badaró Valente Neto > Gerente de Telecomunicações e Treinamento > ITS BRASIL > Chave Pública PGP: 3C0197DADD86E00869A1F3ABEED24941A5292F14 > Tel.: + 55 71 34020870 > Cel: +55 71 981717310 > _______________________________________________ > CentOS-mirror mailing list > CentOS-mirror at centos.org <mailto:CentOS-mirror at centos.org> > https://lists.centos.org/mailman/listinfo/centos-mirror > > > _______________________________________________ > CentOS-mirror mailing list > CentOS-mirror at centos.org > https://lists.centos.org/mailman/listinfo/centos-mirror >