FreeKB - firewalld firewall-cmd - lockdown
firewalld firewall-cmd - lockdown

Home > Search


If you are not familar with firewalld and the firewall-cmd, check out our Getting Started article.

If the firewall is not locked down, services may be able to make changes to the firewall. The firewall can be locked down.

~]# firewall-cmd --lockdown=on

 

You will no longer be able to add a service to the firewall.

~]# firewall-cmd --add-service=dhcp --permanent
Error: ACCESS_DENIED: lockdown is enabled

 

Issue this command so that only you can modify the firewall. Reload the firewall, and you will again be able to modify the firewall.

~]# firewall-cmd --add-lockdown-whitelist-command='/usr/bin/python -Es /usr/bin/firewall-cmd*' --permanent

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter 3efcb in the box below so that we can be sure you are a human.




Comments