On 3/24/2017 3:16 AM, Łukasz Posadowski wrote: > Data Wed, 22 Mar 2017 19:56:03 -0400 > James Pifer <jep at obrien-pifer.com> wrote: > >> I apologize if this has been asked and answered, but I googled and >> attempted things for several hours today without success. > Iptables isn't used by default, at least not directly. Easiest way to > do dosable firewall is: > # systemctl mask firewalld > and restart the machine. > > 192.168.122. subnet is something for libvirt and KVM. I have it > completely disabled on my locals and VPSes without any problem. > > If You write specific rules in /etc/sysconfig/iptables > and /etc/sysconfig/ip6tables, with > -F > -X > -P INPUT DROP > at the beginning, any trace of 192.168.122 will be gone. Here's mine > ipv4 rules for my local machines: > ------------------------ > *filter > -F > -X > -P INPUT DROP > -A INPUT -s 0/0 -m state --state RELATED,ESTABLISHED -j ACCEPT > > # localhost > -A INPUT -i lo -j ACCEPT > > # ping > -A INPUT -p icmp -j ACCEPT > > # ssh > -A INPUT -s 192.168.234.0/24 -p tcp --dport 22 -j ACCEPT > > COMMIT > ------------------------ > Thanks for the help. Basically I was making it more complex than it needed to be. Disabling firewalld and removing the libvirt NIC did the job. Thanks James