[CentOS] firewalld question
Timothy Murphy
gayleard at eircom.net
Fri Mar 25 11:26:17 UTC 2016
Matthew Miller wrote:
>> I'n wondering if it is possible to have Centos-7 automatically change
>> firewall zones, depending on the network we conect to.
> The way to do this is changing the zone for the network in
> NetworkManager.
Are there two different ways of setting firewalld zones,
in firewalld and in NetworkManager?
Which is taken if they differ?
> (This works easily for wifi networks and is kind of a
> pain for wired ones, unfortunately, since there's not necessarily a
> good way to distinguish.) I don't have a CentOS (or RHEL) desktop and I
> don't remember offhand when this hit, but in Fedora, run the
> NetworkManager config panel, hit config on a network, and change the
> zone on the Security tab.
>
> Or, put "ZONE=public" or "ZONE=work" or whatever in the ifcfg file for
> the network.
>
> I'm hoping in the future to make this better, but there are actually a
> lot of different parts involved so it's hard to get everyone to agree
> on the best approach.
>
> I personally make "public" my default zone, and then add zones that
> should be more trusted to networks that should be more open.
I find the firewalld definition of "zones" rather confusing.
I run shorewall on my home server, and that seems to me
to have a much simpler definition of zones.
--
Timothy Murphy
gayleard /at/ eircom.net
School of Mathematics, Trinity College, Dublin
More information about the CentOS
mailing list