Test Page

Set Zones:

sudo firewall-cmd --zone=external --change-interface=eth0 --permanent
sudo firewall-cmd --zone=internal --change-interface=eth1 --permanent

Set up Masquerading:

sudo firewall-cmd --zone=external --add-masquerade --permanent

Allow ICMP External:

sudo firewall-cmd --zone=external --remove-icmp-block=echo-reply --permanent
sudo firewall-cmd --zone=external --remove-icmp-block=echo-request --permanent

To Allow Internal Traffic:

Add

sudo firewall-cmd --zone=internal --add-service=http --permanent
# or
sudo firewall-cmd --zone=internal --add-port=80 --permanent

Remove

sudo firewall-cmd --zone=internal --remove-service=http --permanent
# or
sudo firewall-cmd --zone=internal --remove-port=80 --permanent

Port forward from internal to external:

Add

firewall-cmd --zone=external --add-forward-port=port=80:proto=tcp:toaddr=192.168.2.2 --permanent
firewall-cmd --zone=external --add-forward-port=port=443:proto=tcp:toaddr=192.168.2.2 --permanent

Remove

firewall-cmd --zone=external --remove-forward-port=port=80:proto=tcp:toaddr=192.168.2.2 --permanent
firewall-cmd --zone=external --remove-forward-port=port=443:proto=tcp:toaddr=192.168.2.2 --permanent

PreviousSetup NextAction Plan

Last updated 4 months ago