On 28 January 2017 at 12:01, TE Dukes <tdukes at palmettoshopper.com> wrote: > > >> -----Original Message----- >> From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of James >> Hogarth >> Sent: Saturday, January 28, 2017 4:18 AM >> To: CentOS mailing list >> Subject: Re: [CentOS] firewalld >> >> On 28 Jan 2017 3:02 am, "TE Dukes" <tdukes at palmettoshopper.com> wrote: >> >> >> >> > -----Original Message----- >> > From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of Gordon >> > Messmer >> > Sent: Friday, January 27, 2017 9:23 PM >> > To: CentOS mailing list >> > Subject: Re: [CentOS] firewalld >> > >> > On 01/27/2017 06:01 PM, TE Dukes wrote: >> > > I telnet localhost 143, I get connection refused. >> > > >> > > What zone is used for the local network and what zone is used for >> > > outside access? >> > >> > All traffic from localhost is allowed. No zone is involved. >> > >> > The zone for "outside" access depends on which interface receives the >> > packet, and what zone you've put that interface in. I believe that >> defaults to >> > "public." >> >> I'm telneting in from ssh on a machine on the local network, still > getting >> connection refused. >> >> The zone apparently means something because an interface can only be on >> one. >> Moving it to a different zone results in the same error (same > services/ports >> opened in each zone). >> >> I may as well disable firewalld and let my router handle the firewall. >> >> I don't plan to use my server as a workstation. >> >> >> Have a read through this and then decide on if you want to use it or not. >> >> You can also switch to iptables-service and mask firewalld if you want the >> same behaviour as in C6. >> >> 7.3 also has nftables as a tech preview, but I've not finished my article > on that >> yet. > > I saw something about that somewhere. > > Did you forget a link? > > Thanks > Oops you're right I did ... https://www.hogarthuk.com/?q=node/9