Difference between revisions of "OpenHPC: Configure Firewalld"

From Define Wiki
Jump to navigation Jump to search
(Created page with "== Configuring Firewalld to forward traffic between Internal and External Interfaces == <syntaxhighlight> firewall-cmd --zone=external --add-interface=eno2 --permanent firewall-cmd --zo...")
 
Line 16: Line 16:
 
firewall-cmd --complete-reload
 
firewall-cmd --complete-reload
 
firewall-cmd --list-all-zones
 
firewall-cmd --list-all-zones
 +
</syntaxhighlight>
 +
 +
== Add ports to the internal firewall to allow functionality such as SLURM, NFS and Ganglia ==
 +
 +
<syntaxhighlight>
 +
firewall-cmd --permanent --zone=internal --add-port=6817/tcp
 +
firewall-cmd --permanent --zone=internal --add-port=6817/udp
 +
firewall-cmd --permanent --zone=internal --add-port=6818/tcp
 +
firewall-cmd --permanent --zone=internal --add-port=6818/udp
 +
firewall-cmd --permanent --zone=external --add-service=http
 +
firewall-cmd --permanent --zone=external --add-service=https
 +
firewall-cmd --permanent --zone=internal --add-port=8660/tcp
 +
firewall-cmd --permanent --zone=internal --add-port=8661/tcp
 +
firewall-cmd --permanent --zone=internal --add-port=8662/tcp
 +
firewall-cmd --permanent --zone=internal --add-port=8663/tcp
 +
firewall-cmd --permanent --zone=internal --add-port=8660/u
 +
firewall-cmd --permanent --zone=internal --add-port=8661/udp
 +
firewall-cmd --permanent --zone=internal --add-port=8662/udp
 +
firewall-cmd --permanent --zone=internal --add-port=8663/udp
 +
firewall-cmd --permanent --zone=internal --add-port=8651/udp
 +
firewall-cmd --permanent --zone=internal --add-port=8651/tcp
 +
systemctl restart firewalld
 
</syntaxhighlight>
 
</syntaxhighlight>

Revision as of 11:15, 16 December 2015

Configuring Firewalld to forward traffic between Internal and External Interfaces

firewall-cmd --zone=external --add-interface=eno2 --permanent
firewall-cmd --zone=internal --add-interface=eno1 --permanent

firewall-cmd --zone=external --add-masquerade --permanent
firewall-cmd --permanent --direct --passthrough ipv4 -t nat -I POSTROUTING -o eno2 -j MASQUERADE -s 10.10.10.0/24
firewall-cmd --permanent --zone=internal --add-service=dhcp
firewall-cmd --permanent --zone=internal --add-service=tftp
firewall-cmd --permanent --zone=internal --add-service=dns
firewall-cmd --permanent --zone=internal --add-service=http
firewall-cmd --permanent --zone=internal --add-service=nfs
firewall-cmd --permanent --zone=internal --add-servive=ssh
firewall-cmd --permanent --zone=internal --add-service=ssh
firewall-cmd --complete-reload
firewall-cmd --list-all-zones

Add ports to the internal firewall to allow functionality such as SLURM, NFS and Ganglia

firewall-cmd --permanent --zone=internal --add-port=6817/tcp
firewall-cmd --permanent --zone=internal --add-port=6817/udp
firewall-cmd --permanent --zone=internal --add-port=6818/tcp
firewall-cmd --permanent --zone=internal --add-port=6818/udp
firewall-cmd --permanent --zone=external --add-service=http
firewall-cmd --permanent --zone=external --add-service=https
firewall-cmd --permanent --zone=internal --add-port=8660/tcp
firewall-cmd --permanent --zone=internal --add-port=8661/tcp
firewall-cmd --permanent --zone=internal --add-port=8662/tcp
firewall-cmd --permanent --zone=internal --add-port=8663/tcp
firewall-cmd --permanent --zone=internal --add-port=8660/u
firewall-cmd --permanent --zone=internal --add-port=8661/udp
firewall-cmd --permanent --zone=internal --add-port=8662/udp
firewall-cmd --permanent --zone=internal --add-port=8663/udp
firewall-cmd --permanent --zone=internal --add-port=8651/udp
firewall-cmd --permanent --zone=internal --add-port=8651/tcp
systemctl restart firewalld
Retrieved from "http://wiki.define-technology.com/mediawiki-1.35.0/index.php?title=OpenHPC:_Configure_Firewalld&oldid=11452"