[Samba] Samba AD firewalld services
L.P.H. van Belle
belle at bazuin.nl
Thu Aug 27 13:12:45 UTC 2015
yes, i have a good google track record.. ;-)
on that site, read good..
...
With the Firewalld package, the firewall configuration of the main services
(ftp, httpd, etc) comes in the /usr/lib/firewalld/services directory.
>> But it is still possible to add new ones in the /etc/firewalld/services directory.
>> Also, if files exist at both locations for the same service, the file in the
>> /etc/firewalld/services directory takes precedence.
So do DONT touch the content /usr/lib/firewalld/services
copy it ( or some) and add it in /etc/firewalld/services make your changes there..
If you touch content in /usr/lib/firewalld/services you may loose it with an update.
greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: Robert Moskowitz [mailto:rgm at htt-consult.com]
>Verzonden: donderdag 27 augustus 2015 15:06
>Aan: L.P.H. van Belle; samba at lists.samba.org
>Onderwerp: Re: [Samba] Samba AD firewalld services
>
>
>
>On 08/27/2015 08:50 AM, L.P.H. van Belle wrote:
>> After reading this thread.. and ..seeing the comments..
>>
>> I googled a bit around. and yes.. more then 5 sec.. ;-)
>>
>> I wonder why almost every "centos/redhat/rpm based" howto
>removes firewalld with the base iptables service
>> now, i'm not "pro" systemd or con systemd, i use it but i
>set my firewall with ufw,
>> which is much more flexable in my opinion.
>> I just dont care about how it starts.. as long as it works..
>>
>> so i found this one..
>> http://www.certdepot.net/rhel7-get-started-firewalld/
>> looks very nice, it explains all.
>
>Your search foo is greater than mine. But I have a long track
>record of
>a very low foo rating on my searches.
>
>Yes. All pointed out there. I see what I need in
>/usr/lib/firewalld/services
>
>> base on that, howto create a "samba4-ad" service with
>multiple ports in it.
>> or better, split it up in to..
>> samba4-kerberos
>> samba4-smbd
>> samba4-nmbd
>> etc..
>>
>> The only thing i cant see there in the "HAProxy example" is you can
>> add multiple "port / protools" in there.
>> thats up to you.
>>
>> but i think you wil manage that.
>>
>> .. side note..
>> Firewalling is not really a samba topic.. but we are all
>(yes Rowland to) happy to help you..
>> ;-) Rowland is just not a "fan" of systemd.. ROFL...
>
>Yet needed to be covered in the Wiki. Just like DNS is.
>
>Once upon a time I did a lot of my own firewalling. Worked a lot with
>Shorewall on a Centos 3? server. Going to have to dust off some old
>skills here.
>
>> Greetz,
>>
>> Louis
>
>thanks
>
>
>
More information about the samba
mailing list