Configuring a Firewall for SANnav
Perform the following steps to set up a firewall using firewalld. This example uses Red Hat Enterprise Linux (RHEL) 7.4.
1. Start the firewall using the following command.
sudo systemctl start firewalld
2. Check that the firewall is running.
sudo systemctl status firewalld
3. Enable the firewall to start automatically after a system reboot.
sudo systemctl enable firewalld
4. Add the ssh service to the public zone (the default zone in this example).
sudo firewall-cmd --zone=public --permanent --add-service=ssh
If any other default ports are customized, add the services for these ports as well. For example, if you are using HTTPS port 443, enter the following command:
sudo firewall-cmd --zone=public --permanent --add-service=https
5. Add ports using the following commands.
Note that in the following commands, public is the default zone. If your default zone is different, then use your default zone for the ports.
sudo firewall-cmd --zone=public --add-port=2377/tcp --permanent
sudo firewall-cmd --zone=public --add-port=7946/tcp --permanent
sudo firewall-cmd --zone=public --add-port=7946/udp --permanent
sudo firewall-cmd --zone=public --add-port=4789/udp --permanent
6. Associate the interface (if this is not done already) with the default zone.
sudo firewall-cmd --permanent --zone=public --change-interface=<interface_name>
7. After the ports are added, use the following command to reload the firewall configuration.
sudo firewall-cmd --reload
8. Verify whether the configuration is correct.
sudo firewall-cmd --list-all
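A check for step 8, as an added example that is not part of the SANnav documentation: the script parses `firewall-cmd --list-all` output and reports which of the services and ports from steps 4 and 5 are absent, and whether the zone lists an interface (step 6). The function names and both sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not SANnav code. Checks `firewall-cmd --list-all` output
# against the rules opened in steps 4-6. Exact match only: port ranges such
# as 7000-8000/tcp are not expanded.
REQUIRED_PORTS="2377/tcp 7946/tcp 7946/udp 4789/udp"
REQUIRED_SERVICES="ssh"

# Print, one per line, the values on the "  <key>: v1 v2 ..." line of stdin.
field_values() {
    awk -v key="$1" '$1 == (key ":") { for (i = 2; i <= NF; i++) print $i }'
}

# Print a space-separated list of what is missing (empty when all present).
missing_rules() {
    out=$1
    missing=""
    ports=$(printf '%s\n' "$out" | field_values ports)
    services=$(printf '%s\n' "$out" | field_values services)
    ifaces=$(printf '%s\n' "$out" | field_values interfaces)
    for p in $REQUIRED_PORTS; do
        printf '%s\n' "$ports" | grep -qxF "$p" || missing="$missing port:$p"
    done
    for s in $REQUIRED_SERVICES; do
        printf '%s\n' "$services" | grep -qxF "$s" || missing="$missing service:$s"
    done
    # Step 6: no interface listed for the zone, so the binding needs checking.
    [ -n "$ifaces" ] || missing="$missing interface:none"
    printf '%s' "${missing# }"
}

# Constructed sample outputs (not captured from a real host).
SAMPLE_OK='public (active)
  target: default
  interfaces: eth0
  services: dhcpv6-client ssh
  ports: 2377/tcp 7946/tcp 7946/udp 4789/udp
  forward-ports:'
SAMPLE_BAD='public
  target: default
  interfaces:
  services: dhcpv6-client ssh
  ports: 2377/tcp 7946/tcp
  forward-ports:'

# Live use (assumes firewalld is installed):
#   missing_rules "$(sudo firewall-cmd --zone=public --list-all)"
missing_rules "$SAMPLE_BAD"; echo
```

Because `--list-all` shows the runtime configuration, run the check after the reload in step 7; `sudo firewall-cmd --permanent --zone=public --list-all` shows the saved rules instead.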