Skip to main content

Initial Settings : Firewall

 [1]. It's possible to show FireWall Service Status like follows. (enabled by default)

[root@localhost ~]# systemctl status firewalld

*  firewalld.service - firewalld - dynamic firewall daemon

   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor p>

   Active: active (running) since Wed 2019-09-24 23:16:35 JST; 18min ago

     Docs: man:firewalld(1)

 Main PID: 801 (firewalld)

    Tasks: 2 (limit: 25025)

   Memory: 30.9M

   CGroup: /system.slice/firewalld.service

           └─801 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork ->


Sep 24 23:16:34 localhost.localdomain systemd[1]: Starting firewalld - dynamic >

Sep 24 23:16:35 localhost.localdomain systemd[1]: Started firewalld - dynamic f>


# [Active: active (running) ***] means firewalld is running now

[2].   If you use FireWall service, it needs to modify FireWall settings manually because incoming requests for services are mostly not allowed by default.

Refer to here for basic Firewall operation and settins.

Configuration examples of CentOS 8 on this site are based on the environment Firewalld service is always enabled.

[3]. If you don't need FireWall service because of some reasons like that some FireWall Machines are running in your Local Netowrk or others, it's possbile to stop and disable FireWall service on CentOS server like follows.

# stop service

[root@localhost ~]# systemctl stop firewalld

# disable service

[root@localhost ~]# systemctl disable firewalld

Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.

Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

Initial Settings : SELinux

[4] It's possible to show current SELinux (Security-Enhanced Linux) Status like follows. (enabled by default)

[root@localhost ~]# getenforce

Enforcing     # SELinux is enabled

[5].  If you enable SELinux, there are cases to modify SELinux policy manually because sometimets SELinux stop applications.

Refer to here for basic SELinux operation and settins.

Configuration examples of CentOS 8 on this site are based on the environment SELinux is always Enforcing.

[6]. If you don't need SELinux feature because of some reasons like that your server is running only in Local safety Network or others, it's possbile to disable SELinux like follows.

[root@localhost ~]# vi /etc/selinux/config

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#     enforcing - SELinux security policy is enforced.

#     permissive - SELinux prints warnings instead of enforcing.

#     disabled - No SELinux policy is loaded.

# change the value below

# enforcing  ⇒ enabled

# disabled   ⇒ disabled

# permissive ⇒ enabled but only loging, not deny accesses

SELINUX=disabled

# SELINUXTYPE= can take one of these two values:

#     targeted - Targeted processes are protected,

#     minimum - Modification of targeted policy. Only selected processes are protected.

#     mls - Multi Level Security protection.

SELINUXTYPE=targeted


# restart computer to apply setting

[root@localhost ~]# reboot


Comments

Post a Comment

Popular posts from this blog

C++ How to use Date and Time

The C++ standard library does not provide a proper date type. C++ inherits the structs and functions for date and time manipulation from C. To access date and time related functions and structures, you would need to include <ctime> header file in your C++ program. There are four time-related types: clock_t, time_t, size_t , and tm . The types clock_t, size_t and time_t are capable of representing the system time and date as some sort of integer. The structure type tm holds the date and time in the form of a C structure having the following elements: struct tm { int tm_sec ; // seconds of minutes from 0 to 61 int tm_min ; // minutes of hour from 0 to 59 int tm_hour ; // hours of day from 0 to 24 int tm_mday ; // day of month from 1 to 31 int tm_mon ; // month of year from 0 to 11 int tm_year ; // year since 1900 int tm_wday ; // days since sunday int tm_yday ; // days since January 1st int tm_isdst ; // hours of daylight savin...
Post a Comment
Read more

PHP Error and Exception Handling

Error handling is the process of catching errors raised by your program and then taking appropriate action. If you would handle errors properly then it may lead to many unforeseen consequences. Its very simple in PHP to handle an errors. Using die() function: While wirting your PHP program you should check all possible error condition before going ahead and take appropriate action when required. Try following example without having /tmp/test.xt file and with this file. <?php if(!file_exists("/tmp/test.txt")) { die("File not found"); } else { $file=fopen("/tmp/test.txt","r"); print "Opend file sucessfully"; } // Test of the code here. ?> This way you can write an efficient code. Using abive technique you can stop your program whenever it errors out and display more meaningful and user friendly meassage. Defining Custom Error Handling Function: You can write your own function to handling any error. PHP provides y...
Post a Comment
Read more

PERL Some good framework

1. Catalyst is the most popular agile Perl MVC web framework that encourages rapid development and clean design without getting in your way. Catalyst | Perl MVC web application framework 2. Mojolicious is a next generation web framework for the Perl programming language. Back in the early days of the web, many people learned Perl because of a wonderful Perl   ... Mojolicious - Perl real-time web framework 3. Documents for Perl  The Perl Archive Network, the gateway to all things Perl. The canonical location for Perl code and modules. The Comprehensive Perl Archive Network - www. cpan .org
Post a Comment
Read more