Firewall Default Configuration
Topic: Security
The default firewall configuration of a machine in a deployment run is set as follows:
- Linux inbound ports allowed on the cons3rt-net
  - 22 TCP
  - 5902 TCP
  - ICMP
- Windows inbound ports allowed on the cons3rt-net
  - 3389 TCP/UDP
  - 5902 TCP
- All other incoming traffic on the cons3rt-net is either blocked or rejected
- All outgoing traffic on the cons3rt-net is not filtered
- Traffic on all other interfaces is not filtered
Using firewalld
The default firewall configuration is handled on Linux using iptables and iptables-service. To cleanly change over to firewalld while continuing to allow remote access, use the following script:
#!/bin/bash
# Stop and disable the iptables-based default firewall before removing it,
# so the unit can still be found while it is being disabled
systemctl stop iptables-service
systemctl disable iptables-service
yum -y remove iptables-services
rm -f /etc/sysconfig/iptables-startup
rm -f /lib/systemd/system/iptables-service.service
systemctl daemon-reload
# Switch to firewalld and re-open the documented remote-access ports
systemctl enable firewalld.service
systemctl start firewalld.service
firewall-cmd --permanent --add-port=22/tcp
firewall-cmd --permanent --add-port=5902/tcp
# Apply the permanent rules to the running configuration
systemctl reload firewalld
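After switching, it is worth confirming that the active firewalld zone exposes exactly the documented Linux defaults (22/tcp, 5902/tcp, ICMP allowed) and nothing more. The following check is an added example, not part of the CONS3RT documentation or tooling; the expected port list and the sample input it falls back to are constructed assumptions.

```shell
#!/bin/bash
# Added example (not CONS3RT's own script): compare a firewalld zone against the
# documented Linux defaults for the cons3rt-net: inbound 22/tcp, 5902/tcp and ICMP.
# EXPECTED_PORTS and the fallback sample data are assumptions made for this example.

EXPECTED_PORTS="22/tcp 5902/tcp"

# check_defaults <ports> <icmp-blocks>
#   <ports>        space-separated output of: firewall-cmd --list-ports
#   <icmp-blocks>  space-separated output of: firewall-cmd --list-icmp-blocks
# Prints "ok" and returns 0 when the zone matches the documented defaults;
# otherwise prints one line per deviation and returns 1.
check_defaults() {
  local ports="$1" icmp_blocks="$2" rc=0 p
  # every documented port must be open
  for p in $EXPECTED_PORTS; do
    case " $ports " in
      *" $p "*) ;;
      *) echo "missing: $p"; rc=1 ;;
    esac
  done
  # nothing beyond the documented ports may be open
  for p in $ports; do
    case " $EXPECTED_PORTS " in
      *" $p "*) ;;
      *) echo "unexpected: $p"; rc=1 ;;
    esac
  done
  # ICMP is allowed by default, so any icmp-block is a deviation
  for p in $icmp_blocks; do
    echo "icmp blocked: $p"; rc=1
  done
  [ "$rc" -eq 0 ] && echo ok
  return "$rc"
}

# Live check when firewalld is present; otherwise run on constructed sample data
# that has one extra port open, which the check should flag.
if command -v firewall-cmd >/dev/null 2>&1; then
  ports=$(firewall-cmd --list-ports)
  icmp=$(firewall-cmd --list-icmp-blocks)
else
  ports="22/tcp 5902/tcp 8080/tcp"   # constructed sample, not a real host
  icmp=""
fi
if check_defaults "$ports" "$icmp"; then
  echo "zone matches the documented defaults"
else
  echo "zone deviates from the documented defaults"
fi
```

Run it as root on the machine after the switch; a non-zero exit means the zone differs from the documented defaults and each printed line names the deviation.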