Ping a Specific Port

Question

ToBeReplaced

Asked: 2015-03-05 10:09:04 +0800 CST2015-03-05 10:09:04 +0800 CST 2015-03-05 10:09:04 +0800 CST

How can I enable protocol traffic with firewalld?

772

I need to allow Protocol 50 (esp) traffic for ipsec.

I can do:

iptables -A INPUT -p esp
iptables -A OUTPUT -p esp

How could I do this with firewalld instead?

Same question closed on StackOverflow because it was off-topic.

2 Answers

Voted

Michael Hampton · Answer 1 · 2015-03-05T10:19:38+08:00

Best Answer

Michael Hampton

2015-03-05T10:19:38+08:002015-03-05T10:19:38+08:00

You'll need to use a (fairly simple) rich rule for this.

For example:

firewall-cmd --zone=vpnendpoint --add-rich-rule="rule protocol value=esp accept"

3

GregL · Answer 2 · 2015-03-05T10:21:46+08:00

GregL

2015-03-05T10:21:46+08:002015-03-05T10:21:46+08:00

I'm by no means an iptables or firewalld expert, but it seems to me something like this would work:

firewall-cmd --permanent --direct --add-rule filter INPUT -p esp -j ACCEPT
firewall-cmd --permanent --direct --add-rule filter OUTPUT -p esp -j ACCEPT

If you have zones and such all setup, you could also do it with the --zone and --add-rich-rule options instead of --direct.

1

How can I enable protocol traffic with firewalld?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?