Git Product home page Git Product logo

firewalld-explain's Introduction

firewalld-explain

Runs firewall-cmd --list-all-zones and prints a summary of all relevant information.
Alternatively, it can scan firewall-cmd_--list-all-zones from a sosreport

Example:

  • Default text only output:

    $ sudo ./firewalld-explain.py 

192.168.2.0/24 -> trusted (target:ACCEPT)

10.0.0.0/16 -> test-zone (target:default) 
  Ports: 1234/tcp

enp1s0 -> public (target:default) 
  Services: cockpit,dhcpv6-client,ssh

enp4s0 -> test-zone (target:default) 
  Ports: 1234/tcp

All_other_traffic -> public (target:default) 
  Services: cockpit,dhcpv6-client,ssh

  • Table format:

    $ sudo ./firewalld-explain.py -T
╒═════╤════════════════╤═══════════╤══════════╤════════════════╤═══════════════════════════╤═════════════╤══════════════╤══════════╕
│   # │ Trigger        │ Zone      │ Ports    │ Source ports   │ Services                  │ Protocols   │ Rich rules   │ Target   │
╞═════╪════════════════╪═══════════╪══════════╪════════════════╪═══════════════════════════╪═════════════╪══════════════╪══════════╡
│   1 │ 192.168.2.0/24 │ trusted   │          │                │                           │             │              │ ACCEPT   │
├─────┼────────────────┼───────────┼──────────┼────────────────┼───────────────────────────┼─────────────┼──────────────┼──────────┤
│   2 │ 10.0.0.0/16    │ test-zone │ 1234/tcp │                │                           │             │              │ default  │
├─────┼────────────────┼───────────┼──────────┼────────────────┼───────────────────────────┼─────────────┼──────────────┼──────────┤
│   3 │ enp1s0         │ public    │          │                │ cockpit dhcpv6-client ssh │             │              │ default  │
├─────┼────────────────┼───────────┼──────────┼────────────────┼───────────────────────────┼─────────────┼──────────────┼──────────┤
│   4 │ enp4s0         │ test-zone │ 1234/tcp │                │                           │             │              │ default  │
├─────┼────────────────┼───────────┼──────────┼────────────────┼───────────────────────────┼─────────────┼──────────────┼──────────┤
│   5 │ Other traffic  │ public    │          │                │ cockpit dhcpv6-client ssh │             │              │ default  │
╘═════╧════════════════╧═══════════╧══════════╧════════════════╧═══════════════════════════╧═════════════╧══════════════╧══════════╛

  • Dot format:
    $ sudo ./firewalld-explain.py -D

  • Open automatically the generated graph:

    $ sudo ./firewalld-explain.py -D -V

  • Open automatically the generated graph via an arbitrary command:

    $ sudo ./firewalld-explain.py -D -E "graph-easy --input=%f"
#================#     +----------------+     +---------------------------------------+     +---------+
H  10.0.0.0/16   H --> | zone:test-zone | --> |            Ports: 1234/tcp            | --> | default |
#================#     +----------------+     +---------------------------------------+     +---------+
                         ^                                                                    ^
                         |                                                                    |
                         |                                                                    |
#================#     +----------------+                                                     |
H 192.168.2.0/24 H     |     enp4s0     |                                                     |
#================#     +----------------+                                                     |
  |                                                                                           |
  |                                                                                           |
  v                                                                                           |
+----------------+     +----------------+     +---------------------------------------+       |
|  zone:trusted  | --> |                | --> |                ACCEPT                 |       |
+----------------+     +----------------+     +---------------------------------------+       |
+----------------+     +----------------+     +---------------------------------------+       |
|     enp1s0     | --> |  zone:public   | --> | Services: cockpit, dhcpv6-client, ssh | ------+
+----------------+     +----------------+     +---------------------------------------+

  • Scan from a sosreport:

    $ ./firewalld-explain.py -S /path/to/sosreport

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.