First hack at a script to open the ports needed by FreeIPA. On Fedora 18, running firewalld, I ran the script below. Comments and corrections welcome.
#!/bin/bash
# TCP: HTTP, HTTPS, LDAP, LDAPS, Kerberos, kpasswd, DNS
PORTS='80 443 389 636 88 464 53'
for PORT in $PORTS
do
    firewall-cmd --add-port=$PORT/tcp
done
# UDP: Kerberos, kpasswd, NTP, DNS
PORTS='88 464 123 53'
for PORT in $PORTS
do
    firewall-cmd --add-port=$PORT/udp
done
Note: this will not persist across reboots.
To persist across reboots:
cp /usr/lib/firewalld/zones/public.xml /etc/firewalld/zones/
and edit it. Unfortunately, there are no service entries yet in firewalld for all of the services FreeIPA needs, at least not in Fedora. For now, grab the values from
the Red Hat Bugzilla entry for more services for firewalld and put them under /etc/firewalld/services/
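As an added example (not part of the original post), here is a script that turns the port lists above into a firewalld service definition, so the rules can be made permanent with --add-service instead of per-port rules. The service name "freeipa", the file name freeipa.xml and the description text are my own choices; the service directory /etc/firewalld/services/ is the one named above.

```shell
#!/bin/bash
# Build a firewalld service definition for FreeIPA from the port lists in the post.
# Assumed names: service "freeipa", file /etc/firewalld/services/freeipa.xml.

TCP_PORTS='80 443 389 636 88 464 53'   # HTTP HTTPS LDAP LDAPS Kerberos kpasswd DNS
UDP_PORTS='88 464 123 53'              # Kerberos kpasswd NTP DNS

# Print one <port .../> element per port for the given protocol.
port_elements() {
    proto=$1; shift
    for p in "$@"; do
        printf '  <port protocol="%s" port="%s"/>\n' "$proto" "$p"
    done
}

# Emit the whole service definition on stdout.
freeipa_service_xml() {
    printf '%s\n' '<?xml version="1.0" encoding="utf-8"?>' '<service>' \
        '  <short>FreeIPA</short>' \
        '  <description>Ports used by a FreeIPA server (HTTP/HTTPS, LDAP/LDAPS, Kerberos, kpasswd, DNS, NTP).</description>'
    # Variables are left unquoted on purpose so the shell splits them on spaces.
    port_elements tcp $TCP_PORTS
    port_elements udp $UDP_PORTS
    printf '</service>\n'
}

# Write the definition and enable it permanently (needs root and a running firewalld).
install_freeipa_service() {
    freeipa_service_xml > /etc/firewalld/services/freeipa.xml
    firewall-cmd --reload                        # make firewalld read the new service file
    firewall-cmd --permanent --add-service=freeipa
    firewall-cmd --reload                        # apply the permanent configuration
}

# Only touch the system when explicitly asked: ./freeipa-fw.sh install
if [ "${1:-}" = "install" ]; then
    install_freeipa_service
fi
```

Run it without arguments after sourcing it to inspect the generated XML with freeipa_service_xml before installing anything.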
Here is the rest of the code I use to implement the firewall definitions you referenced:
https://bugzilla.redhat.com/show_bug.cgi?id=885483
Thanks Dean, that is awesome. Much appreciated.