Saltstack Official FirewallD Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

57 lines
1.7KB

  1. # CentOS7 FirewallD firewall
  2. firewalld:
  3. enabled: True
  4. default_zone: public
  5. services:
  6. sshcustom:
  7. short: sshcustom
  8. description: SSH on port 3232 and 5252. Secure Shell (SSH) is a protocol for logging into and executing commands on remote machines. It provides secure encrypted communications. If you plan on accessing your machine remotely via SSH over a firewalled interface, enable this option. You need the openssh-server package installed for this option to be useful.
  9. ports:
  10. tcp:
  11. - 3232
  12. - 5252
  13. modules:
  14. - some_module_to_load
  15. destinations:
  16. ipv4:
  17. - 224.0.0.251
  18. - 224.0.0.252
  19. ipv6:
  20. - ff02::fb
  21. - ff02::fc
  22. zones:
  23. public:
  24. short: Public
  25. description: "For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted."
  26. services:
  27. - http
  28. - https
  29. - ssh
  30. - dhcpv6-client
  31. # ports:
  32. # - comment: For our dummy service
  33. # port: 1234
  34. # protocol: tcp
  35. # forward_ports:
  36. # - comment: forward 123 to other machine
  37. # portid: 123
  38. # protocol: tcp
  39. # to_port: 321
  40. # to_addr: 1.2.3.4
  41. # rich_rules:
  42. # - family: ipv4
  43. # source:
  44. # address: 192.168.1.0/24
  45. # invert: true
  46. # port:
  47. # portid: 123-321
  48. # protocol: udp
  49. # log:
  50. # prefix: local
  51. # level: notice
  52. # limit: 3/s
  53. # audit:
  54. # limit: 2/h
  55. # reject:
  56. # type: icmp-host-prohibited