Saturday, January 27, 2018

Firewalld

Firewalld was allowing cockpit on the external interface. First tried disabling firewalld and enabling iptables. This seemed to help, but it is an old and tedious process, needing each process to be enabled one by one, so stopped and disabled iptables and set about understanding firewalld.

Found that both interfaces, enp2s0 and enp3s0, were in the zone called "FedoraServer", which had exceptions for cockpit, squid, ssh, dhcpv6-client, smtp, pop3 & ftp. So moved the interface enp2s0 to the zone "drop", which drops all incoming connections without giving any message. The command for changing the zone is:

firewall-cmd --zone=drop --change-interface=enp2s0
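
To confirm what a zone change like this leaves reachable, the following added example (not part of the original post) parses the text printed by firewall-cmd --list-all-zones and reports every service allowed on a given interface. The function names and the two abbreviated sample listings are constructed for illustration.

```shell
# Added example. Input on stdin: text printed by `firewall-cmd --list-all-zones`.
# services_for_iface IFACE: print "zone:service" for each service allowed
# in the zone that owns IFACE (nothing if none, or IFACE is unassigned).
services_for_iface() {
    awk -v want="$1" '
        /^[^ \t]/ { zone = $1; hit = 0; next }   # zone header in column 1
        $1 == "interfaces:" {
            for (i = 2; i <= NF; i++) if ($i == want) hit = 1
            next
        }
        $1 == "services:" && hit {
            for (i = 2; i <= NF; i++) print zone ":" $i
        }
    '
}

# check_iface IFACE [ALLOWED_SERVICE...]: status 1 if any other service is allowed.
check_iface() {
    iface=$1; shift
    allowed=" $* "
    rc=0
    for entry in $(services_for_iface "$iface"); do
        case "$allowed" in
            *" ${entry#*:} "*) ;;
            *) echo "UNEXPECTED on $iface: $entry"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed, abbreviated listings: before and after the zone change.
sample_before() { cat <<'EOF'
FedoraServer (active)
  target: default
  interfaces: enp2s0 enp3s0
  services: cockpit squid ssh dhcpv6-client smtp pop3 ftp
EOF
}
sample_after() { cat <<'EOF'
drop (active)
  target: DROP
  interfaces: enp2s0
  services:
FedoraServer (active)
  target: default
  interfaces: enp3s0
  services: cockpit squid ssh dhcpv6-client smtp pop3 ftp
EOF
}
```

On a live host the check is run as: firewall-cmd --list-all-zones | check_iface enp2s0 (no allowed services listed, so any service on the external interface is reported).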
