Otu esi emepe ọdụ ụgbọ mmiri maka adreesị IP akọwapụtara na Firewalld

Kedu ka m ga-esi kwe ka okporo ụzọ si na adreesị IP dị na netwọk nkeonwe m ma ọ bụ kwe ka okporo ụzọ si na netwọk nkeonwe site na firewalld, gaa n'ọdụ ụgbọ mmiri ma ọ bụ ọrụ na Red Hat Enterprise Linux (RHEL) ma ọ bụ CentOS server?

N'ime edemede a dị mkpirikpi, ị ga-amụta ka esi emepe ọdụ ụgbọ mmiri maka adreesị IP kpọmkwem ma ọ bụ netwọk netwọk na RHEL ma ọ bụ CentOS nkesa gị na-agba ọkụ firewalld.

Ụzọ kachasị mma isi dozie nke a bụ iji mpaghara firewalld. Yabụ, ịkwesịrị ịmepụta mpaghara ọhụrụ nke ga-ejide nhazi ọhụrụ (ma ọ bụ ị nwere ike iji mpaghara ọ bụla echekwara echekwabara).

Mepee ọdụ ụgbọ mmiri maka adreesị IP akọwapụtara na Firewalld

Buru ụzọ mepụta aha mpaghara kwesịrị ekwesị (n'ọnọdụ anyị, anyị ejirila mariadb-access mee ka ịnweta sava nchekwa data MySQL).

# firewall-cmd --new-zone=mariadb-access --permanent

Na-esote, bugharịa ntọala firewalld ka itinye mgbanwe ọhụrụ ahụ. Ọ bụrụ na ịgafe nzọụkwụ a, ị nwere ike nweta mperi mgbe ị na-agbalị iji aha mpaghara ọhụrụ. N'oge a, mpaghara ọhụrụ kwesịrị ịpụta na listi mpaghara dịka e gosipụtara na nseta ihuenyo na-esonụ.

# firewall-cmd --reload
# firewall-cmd --get-zones

Ọzọ, tinye adreesị IP isi iyi (10.24.96.5/20) na ọdụ ụgbọ mmiri (3306) nke ịchọrọ imeghe na sava mpaghara dịka egosiri. Wee bugharịa ntọala firewalld ka itinye mgbanwe ọhụrụ ahụ.

# firewall-cmd --zone=mariadb-access --add-source=10.24.96.5/20 --permanent
# firewall-cmd --zone=mariadb-access --add-port=3306/tcp  --permanent
# firewall-cmd --reload

N'aka nke ọzọ, ịnwere ike ịhapụ okporo ụzọ site na netwọkụ niile (10.24.96.0/20) gaa na ọrụ ma ọ bụ ọdụ ụgbọ mmiri.

# firewall-cmd --zone=mariadb-access --add-source=10.24.96.0/20 --permanent
# firewall-cmd --zone=mariadb-access --add-port=3306/tcp --permanent
# firewall-cmd --reload

Iji gosi na mpaghara ọhụrụ ahụ nwere ntọala achọrọ dị ka agbakwunyere n'elu, jiri iwu na-esonụ lelee nkọwa ya.

# firewall-cmd --zone=mariadb-access --list-all 

Wepu Port na Mpaghara na Firewalld

Ị nwere ike wepu adreesị IP ma ọ bụ netwọk isi iyi dịka egosiri.

# firewall-cmd --zone=mariadb-access --remove-source=10.24.96.5/20 --permanent
# firewall-cmd --reload

Iji wepu ọdụ ụgbọ mmiri na mpaghara ahụ, nye iwu a, wee bugharịa ntọala firewalld:

# firewall-cmd --zone=mariadb-access --remove-port=3306/tcp --permanent
# firewall-cmd --reload

Iji wepụ mpaghara ahụ, mee iwu na-esonụ, ma bugharịa ntọala firewalld:

# firewall-cmd --permanent --delete-zone=mariadb-access
# firewall-cmd --reload

Ikpeazụ ma ọ bụghị ndepụta, ị nwekwara ike iji firewalld ọgaranya iwu. Nke a bụ ọmụmaatụ:

# firewall-cmd --permanent –zone=mariadb-access --add-rich-rule='rule family="ipv4" source address="10.24.96.5/20" port protocol="tcp" port="3306" accept'

Ntụaka: Iji na ịhazi firewalld na akwụkwọ RHEL 8.

Ọ bụ ya! Anyị na-atụ anya na azịza ndị dị n'elu baara gị uru. Ọ bụrụ ee, mee ka anyị mara site n'ụdị nzaghachi n'okpuru. Ị nwekwara ike ịjụ ajụjụ ma ọ bụ kesaa nkwupụta izugbe gbasara isiokwu a.