firewall-cmd --zone=public --permanent --add-port=0-65535/tcp

firewall-cmd --zone=public --add-port=0-65535/tcp

firewall-cmd --zone=public --permanent --add-port=0-4463/udp

firewall-cmd --zone=public --add-port=0-4463/udp

firewall-cmd --zone=public --permanent --add-port=4471-65535/udp

firewall-cmd --zone=public --add-port=4471-65535/udp

systemctl enable firewalld

systemctl start firewalld

this should allow all ports through except 4454 to 4470 udp. Others are blocked by primary firewall.

Trying to add hole

sudo firewall-cmd --add-rich-rule='rule family=ipv4 source address=92.6.153.82 accept'

this worked:

firewall-cmd --zone=jackson --add-rich-rule='rule family=ipv4 source address=92.6.153.82/32 port port=4470 protocol=udp accept'

jackson rules. Add interface to make active

jackson (active)
target: default
icmp-block-inversion: no
interfaces: bond0.108
sources:
services: ssh
ports: 4471-65535/udp 0-4463/udp 0-65535/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="92.6.153.82/32" port port="4470" protocol="udp" accept

rich rule added to open up port 4470

How to get ip address of connected

$ set -- $SSH_CLIENT
$ echo $1

$1 is the ip address


This topic: Public > UserList > BarryGreen > JackAudioConnectionKitNotes > ECAD0Firewalld
Topic revision: r4 - 20 Nov 2020 - BarryGreen
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding RHUL Physics Department TWiki? Send feedback