firewall の変更点

• 追加された行はこの色です。
• 削除された行はこの色です。
• firewall へ行く。
• firewall の差分を削除

#author("2022-01-18T16:07:52+09:00","","")

#author("2022-01-18T16:08:49+09:00","","")
#範囲指定
firewall-cmd --zone=home --add-source=192.168.10.0/24 --permanent
firewall-cmd --zone=internal --add-source=153.231.230.72/29 --permanent
 firewall-cmd --zone=home --add-source=192.168.10.0/24 --permanent
 firewall-cmd --zone=internal --add-source=153.231.230.72/29 --permanent

#削除
firewall-cmd --remove-service=smtp-submission --permanent
firewall-cmd --remove-service=smtp-submission --zone=home --permanent
firewall-cmd --remove-service=smtp-submission --zone=internal --permanent
 firewall-cmd --remove-service=smtp-submission --permanent
 firewall-cmd --remove-service=smtp-submission --zone=home --permanent
 firewall-cmd --remove-service=smtp-submission --zone=internal --permanent

firewall-cmd --remove-port=587/tcp --permanent
firewall-cmd --remove-port=587/tcp --zone=home --permanent
firewall-cmd --remove-port=587/tcp --zone=internal --permanent
 firewall-cmd --remove-port=587/tcp --permanent
 firewall-cmd --remove-port=587/tcp --zone=home --permanent
 firewall-cmd --remove-port=587/tcp --zone=internal --permanent

#確認
firewall-cmd --list-service
firewall-cmd --list-service --zone=home
firewall-cmd --list-service --zone=internal
 firewall-cmd --list-service
 firewall-cmd --list-service --zone=home
 firewall-cmd --list-service --zone=internal

#確認2
firewall-cmd --list-ports
firewall-cmd --list-ports --zone=home
firewall-cmd --list-ports --zone=internal
 firewall-cmd --list-ports
 firewall-cmd --list-ports --zone=home
 firewall-cmd --list-ports --zone=internal

 firewall-cmd --list-all
 firewall-cmd --list-all --zone=home
 firewall-cmd --list-all --zone=internal

firewall-cmd --list-all
firewall-cmd --list-all --zone=home
firewall-cmd --list-all --zone=internal
 firewall-cmd --list-forward-port
 firewall-cmd --list-forward-port --zone=home
 firewall-cmd --list-forward-port --zone=internal

firewall-cmd --list-forward-port
firewall-cmd --list-forward-port --zone=home
firewall-cmd --list-forward-port --zone=internal


#追加固定
firewall-cmd --add-service=smtp-submission --permanent
firewall-cmd --add-service=smtp-submission --zone=home --permanent
firewall-cmd --add-service=smtp-submission --zone=internal --permanent
 firewall-cmd --add-service=smtp-submission --permanent
 firewall-cmd --add-service=smtp-submission --zone=home --permanent
 firewall-cmd --add-service=smtp-submission --zone=internal --permanent

firewall-cmd --add-port=587/tcp --permanent
firewall-cmd --add-port=587/tcp --zone=home --permanent
firewall-cmd --add-port=587/tcp --zone=internal --permanent
 firewall-cmd --add-port=587/tcp --permanent
 firewall-cmd --add-port=587/tcp --zone=home --permanent
 firewall-cmd --add-port=587/tcp --zone=internal --permanent


#再読み込み
firewall-cmd --reload
 firewall-cmd --reload

#587の転送も追加すること！
firewall-cmd --add-forward-port=port=587:proto=tcp:toport=25 --permanent
firewall-cmd --add-forward-port=port=587:proto=tcp:toport=25 --zone=home --permanent
firewall-cmd --add-forward-port=port=587:proto=tcp:toport=25 --zone=internal --permanent
 firewall-cmd --add-forward-port=port=587:proto=tcp:toport=25 --permanent
 firewall-cmd --add-forward-port=port=587:proto=tcp:toport=25 --zone=home --permanent
 firewall-cmd --add-forward-port=port=587:proto=tcp:toport=25 --zone=internal --permanent


dhcpv6-client dns ftp http https imap imaps mysql ntp pop3 pop3s smtp smtp-submission smtps
cockpit dhcpv6-client dns ftp http https imap imaps mdns mysql pop3 pop3s samba-client smtp smtp-submission smtps ssh
cockpit dhcpv6-client dns ftp http https imap imaps mdns mysql pop3 pop3s samba-client smtp smtp-submission smtps ssh
 dhcpv6-client dns ftp http https imap imaps mysql ntp pop3 pop3s smtp smtp-submission smtps
 cockpit dhcpv6-client dns ftp http https imap imaps mdns mysql pop3 pop3s samba-client smtp smtp-submission smtps ssh
 cockpit dhcpv6-client dns ftp http https imap imaps mdns mysql pop3 pop3s samba-client smtp smtp-submission smtps ssh