Git Product home page Git Product logo

firewalld-explain's Introduction

firewalld-explain

Runs firewall-cmd --list-all-zones and prints a summary of all relevant information.
Alternatively, it can scan firewall-cmd_--list-all-zones from a sosreport

Example:

  • Default text only output:

    $ sudo ./firewalld-explain.py 
    
    192.168.2.0/24 -> trusted (target:ACCEPT)
    
    10.0.0.0/16 -> test-zone (target:default) 
      Ports: 1234/tcp
    
    enp1s0 -> public (target:default) 
      Services: cockpit,dhcpv6-client,ssh
    
    enp4s0 -> test-zone (target:default) 
      Ports: 1234/tcp
    
    All_other_traffic -> public (target:default) 
      Services: cockpit,dhcpv6-client,ssh
    
  • Table format:

    $ sudo ./firewalld-explain.py -T
    ╒═════╤════════════════╤═══════════╤══════════╤════════════════╤═══════════════════════════╤═════════════╤══════════════╤══════════╕
    │   # │ Trigger        │ Zone      │ Ports    │ Source ports   │ Services                  │ Protocols   │ Rich rules   │ Target   │
    ╞═════╪════════════════╪═══════════╪══════════╪════════════════╪═══════════════════════════╪═════════════╪══════════════╪══════════╡
    │   1 │ 192.168.2.0/24 │ trusted   │          │                │                           │             │              │ ACCEPT   │
    ├─────┼────────────────┼───────────┼──────────┼────────────────┼───────────────────────────┼─────────────┼──────────────┼──────────┤
    │   2 │ 10.0.0.0/16    │ test-zone │ 1234/tcp │                │                           │             │              │ default  │
    ├─────┼────────────────┼───────────┼──────────┼────────────────┼───────────────────────────┼─────────────┼──────────────┼──────────┤
    │   3 │ enp1s0         │ public    │          │                │ cockpit dhcpv6-client ssh │             │              │ default  │
    ├─────┼────────────────┼───────────┼──────────┼────────────────┼───────────────────────────┼─────────────┼──────────────┼──────────┤
    │   4 │ enp4s0         │ test-zone │ 1234/tcp │                │                           │             │              │ default  │
    ├─────┼────────────────┼───────────┼──────────┼────────────────┼───────────────────────────┼─────────────┼──────────────┼──────────┤
    │   5 │ Other traffic  │ public    │          │                │ cockpit dhcpv6-client ssh │             │              │ default  │
    ╘═════╧════════════════╧═══════════╧══════════╧════════════════╧═══════════════════════════╧═════════════╧══════════════╧══════════╛
    
  • Dot format:
    $ sudo ./firewalld-explain.py -D

  • Open automatically the generated graph:

    $ sudo ./firewalld-explain.py -D -V

  • Open automatically the generated graph via an arbitrary command:

    $ sudo ./firewalld-explain.py -D -E "graph-easy --input=%f"
    #================#     +----------------+     +---------------------------------------+     +---------+
    H  10.0.0.0/16   H --> | zone:test-zone | --> |            Ports: 1234/tcp            | --> | default |
    #================#     +----------------+     +---------------------------------------+     +---------+
                             ^                                                                    ^
                             |                                                                    |
                             |                                                                    |
    #================#     +----------------+                                                     |
    H 192.168.2.0/24 H     |     enp4s0     |                                                     |
    #================#     +----------------+                                                     |
      |                                                                                           |
      |                                                                                           |
      v                                                                                           |
    +----------------+     +----------------+     +---------------------------------------+       |
    |  zone:trusted  | --> |                | --> |                ACCEPT                 |       |
    +----------------+     +----------------+     +---------------------------------------+       |
    +----------------+     +----------------+     +---------------------------------------+       |
    |     enp1s0     | --> |  zone:public   | --> | Services: cockpit, dhcpv6-client, ssh | ------+
    +----------------+     +----------------+     +---------------------------------------+
    
    
    
  • Scan from a sosreport:

    $ ./firewalld-explain.py -S /path/to/sosreport
    

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.