firewall-cmd --zone=public --permanent --add-port=0-65535/tcp
firewall-cmd --zone=public --add-port=0-65535/tcp
firewall-cmd --zone=public --permanent --add-port=0-4463/udp
firewall-cmd --zone=public --add-port=0-4463/udp
firewall-cmd --zone=public --permanent --add-port=4471-65535/udp
firewall-cmd --zone=public --add-port=4471-65535/udp
systemctl enable firewalld
systemctl start firewalld
This should allow all ports through except 4454 to 4470 UDP. Others are blocked by the primary firewall.
Trying to add a hole for a single source address:
sudo firewall-cmd --add-rich-rule='rule family=ipv4 source address=92.6.153.82 accept'
This worked:
firewall-cmd --zone=jackson --add-rich-rule='rule family=ipv4 source address=92.6.153.82/32 port port=4470 protocol=udp accept'
Rules for the jackson zone. Add an interface to the zone to make it active:
jackson (active)
target: default
icmp-block-inversion: no
interfaces: bond0.108
sources:
services: ssh
ports: 4471-65535/udp 0-4463/udp 0-65535/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="92.6.153.82/32" port port="4470" protocol="udp" accept
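The rich rule was added to open up port 4470 for that one source address. It was added without --permanent, so it exists only in the runtime configuration.
How to get the IP address of the connected SSH client: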
$ set -- $SSH_CLIENT
$ echo $1
$1 is the IP address.
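
The two notes above combined, as an added example that is not part of the original notes: it takes an SSH_CLIENT-style string, checks that the first field really is an IPv4 address, and prints (does not run) the runtime and permanent rich-rule commands for it. The zone jackson and UDP port 4470 come from the notes; the function names and the sample SSH_CLIENT value are assumptions made for the example.

```shell
#!/bin/sh
# Added example: build the firewalld rich rule for the connected SSH client.
# Function names are hypothetical; zone and port are taken from the notes.

# Print the client address: SSH_CLIENT is "client_ip client_port server_port".
ssh_client_ip() {
    printf '%s\n' "${1%% *}"
}

# Return 0 only for a dotted-quad IPv4 address with every octet in 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;   # reject anything but digits and dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the rich rule text for one source address, port and protocol.
rich_rule() {
    is_ipv4 "$1" || { echo "not an IPv4 address: $1" >&2; return 1; }
    printf 'rule family="ipv4" source address="%s/32" port port="%s" protocol="%s" accept\n' \
        "$1" "$2" "$3"
}

# Print the runtime command and its --permanent twin, so the hole
# survives a firewalld reload. Arguments: zone, address, port, protocol.
print_hole_cmds() {
    rule=$(rich_rule "$2" "$3" "$4") || return 1
    printf "firewall-cmd --zone=%s --add-rich-rule='%s'\n" "$1" "$rule"
    printf "firewall-cmd --zone=%s --permanent --add-rich-rule='%s'\n" "$1" "$rule"
}

# Constructed sample value in SSH_CLIENT format (not a captured one).
sample_client='92.6.153.82 51234 22'
print_hole_cmds jackson "$(ssh_client_ip "$sample_client")" 4470 udp
```

In a live SSH session, pass "$SSH_CLIENT" in place of the sample string and review the printed commands before running them as root.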