[CentOS] FirewallD issue

Thu Apr 21 22:28:55 UTC 2016
Marcin Trendota <moonwolf.rh at gmail.com>

On Thursday 21 of April 2016 2:37:49 PM Gordon Messmer wrote:
> On 04/21/2016 01:33 PM, Marcin Trendota wrote:
> > It's OpenVPN on chamber.
> What port is it using?  I don't see the standard port listed in your
> firewalld rules in either zone.

1194/udp. I added service openvpn and port 1194/udp (just to be sure) to 
both zones - no change.

[root@chamber openvpn]# firewall-cmd --list-all
home (default, active)
  interfaces: enp3s0 tun0 vbr0 virbr0 vnet0 vnet1
  sources: 
  services: dhcp dhcpv6-client dns http https imaps ipp-client mdns nfs openvpn samba samba-client vnc-server
  ports: 143/tcp 26666/tcp 1194/udp
  masquerade: no
  forward-ports: 
  icmp-blocks: 
  rich rules: 

[root@chamber openvpn]# firewall-cmd --list-all --zone=external
external (active)
  interfaces: enp1s0
  sources: 
  services: openvpn
  ports: 26666/tcp 1194/udp
  masquerade: yes
  forward-ports: 
  icmp-blocks: 
  rich rules: 

> Also, you probably should specify tun+ instead of tun0, even if you
> think there will only be one tunnel up at any given time.

Specify where?

Despite the fact that I can't scan their ports, I'm able to ping those 
hosts.

Maybe it's not firewalld related? I can scan ports from chamber (home 
router). I'll try tcpdump maybe, to see what is going on with packets?

-- 
Over And Out
MoonWolf