Firewall
2016/11/22 |
[1] | It's possible to show Service Status of FireWall like follows. (enabled by default) |
[root@localhost ~]# systemctl status firewalld * firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor pr Active: active (running) since Wed 2016-11-23 09:30:47 JST; 16min ago Docs: man:firewalld(1) Main PID: 758 (firewalld) Tasks: 3 (limit: 4915) CGroup: /system.slice/firewalld.service |---758 /usr/bin/python3 -Es /usr/sbin/firewalld --nofork --nopid ..... ..... |
[2] |
If you use FireWall service, it needs to modify settings of it because incoming requests for services are mostly not allowed by default.
Refer to here to basic operation and settings to configure firewalld service.
|
[3] | If FireWall service does not need for you because of some reasons like that some FireWall Machines are running in your Local Netowrk or others, it's possbile to stop and disable it like follows. |
# disable service [root@localhost ~]# systemctl disable firewalld Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. |
SELinux
|
[4] | It's possible to show Status of SELinux (Security-Enhanced Linux) like follows. (enabled by default) |
[root@localhost ~]# getenforce Enforcing # SELinux is enabled
|
[5] |
If you enable SELinux, Refer to here for basic operations and configurations of SELinux.
|
[6] | If SELinux function does not need for you because of some reasons like that your server is running only in Local safety Network or others, it's possbile to disable it like follows. |
[root@localhost ~]#
vi /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # change to disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted # restart to apply new setting [root@localhost ~]# |