Please help me to understand the question:
cat /etc/httpd/conf/httpd.conf | grep Listen
yum install firewalld -y
systemctl start firewalld && systemctl enable firewalld && systemctl status firewalld
firewall-cmd --state && firewall-cmd --reload
sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp
sudo firewall-cmd --reload
sudo systemctl restart firewalld
sudo firewall-cmd --zone=public --list-all
systemctl status nginx && systemctl status httpd
Did you allow the nginx port and add the LoadBalancer rich rule in firewalld?
@Inderpreet … nginx service is running on stapp01, still it says nginx is not reachable on app server 1
firewall-cmd --zone=public --add-port=8098/tcp --permanent #Nginx
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="172.16.238.14" port port=3000 protocol=tcp accept' #Forward traffic from LB to Apache
Don't forget to add the interface
firewall-cmd --permanent --zone=public --change-interface=eth0
Validate your configuration
firewall-cmd --get-active-zones
firewall-cmd --zone=public --list-all
Hi @Inderpreet I’m facing issue with the lab while doing the firewalld task
The service isn’t starting.
Hi,
Db exception can be fixed by restarting below services
sudo systemctl restart dbus
sudo systemctl restart firewalld
Try with this command iptables -F, it's working for me, and just try to connect after using this command.
Hi @ramith
I get an error when I run the last command (apache)
Could you please help me how to fix this.
ramith
June 18, 2020, 1:12pm
#12
@yogendra you have to add a rich rule as I have mentioned
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="172.16.238.14" port port=5003 protocol=tcp accept'
Hi ramith,
I get errors when running rich rule command:
Is there something wrong with the command? I'm unable to complete this step.
Montbra
August 18, 2020, 12:45am
#14
I’ve had problems with the single quote character
AdithiR
August 31, 2020, 5:18pm
#15
Hey!
Try firewall-cmd --permanent --zone=public --add-rich-rule='rule family=ipv4 source address=172.16.238.14 port port=<apache_port> protocol=tcp accept'
sudheer
October 8, 2020, 2:36pm
#16
Thanks it worked later, as issue with " ’ "
I used the below commands and the Nginx service is also running, but still, the task failed.
sudo yum install firewalld -y
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --zone=public --add-port=8093/tcp --permanent
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="172.16.238.14" port port=5000 protocol=tcp accept'
@Tej-Singh-Rana @sudheer @AdithiR @Montbra @ramith @Inderpreet
sunthar
December 28, 2020, 8:57pm
#18
This task can be completed with a few steps (the questions are the major hints).
Let me know if anyone needs help with this task.
swatip
January 5, 2021, 10:12am
#19
If anyone wants to know where the mistake was made, go through it for better understanding.
@swatip
Seems like you haven’t blocked the Apache port for all others except for the LB host. What is the error you got after submitting the task?
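An added example, not from any post in this thread: a POSIX shell check for the two failure modes discussed above, typographic quotes pasted into a rich-rule command and an Apache port left open zone-wide instead of only to the LB host. The function names and the two sample listings are constructed for illustration; the ports and LB address are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example; audit_zone, has_smart_quotes and the samples are hypothetical names.

# Return 0 if the text on stdin contains typographic quotes, which the shell
# does not treat as quoting characters.
has_smart_quotes() {
    grep -qF -e '‘' -e '’' -e '“' -e '”'
}

# Usage: firewall-cmd --zone=public --list-all | audit_zone APACHE_PORT NGINX_PORT LB_IP
audit_zone() {
    apache_port=$1; nginx_port=$2; lb_ip=$3; rc=0
    listing=$(cat)
    # Zone-wide open ports are on the "ports:" line (not forward-/source-ports).
    ports=$(printf '%s\n' "$listing" | sed -n 's/^[[:space:]]*ports:[[:space:]]*//p')
    case " $ports " in
        *" $apache_port/tcp "*)
            echo "FAIL: Apache port $apache_port/tcp is open to every source"; rc=1 ;;
    esac
    case " $ports " in
        *" $nginx_port/tcp "*) ;;
        *) echo "FAIL: Nginx port $nginx_port/tcp is not open"; rc=1 ;;
    esac
    # firewalld prints rich-rule values with ASCII double quotes.
    want="source address=\"$lb_ip\" port port=\"$apache_port\" protocol=\"tcp\" accept"
    printf '%s\n' "$listing" | grep -qF -- "$want" ||
        { echo "FAIL: no rich rule accepting $lb_ip on $apache_port/tcp"; rc=1; }
    return $rc
}

# Constructed sample listings (not captured from a real host).
sample_good() {
    cat <<'EOF'
public (active)
  interfaces: eth0
  services: http https
  ports: 8098/tcp
  rich rules:
	rule family="ipv4" source address="172.16.238.14" port port="3000" protocol="tcp" accept
EOF
}
sample_bad() {
    cat <<'EOF'
public (active)
  interfaces: eth0
  services: http https
  ports: 8098/tcp 3000/tcp
  rich rules:
EOF
}

sample_good | audit_zone 3000 8098 172.16.238.14 && echo "sample_good: OK"
sample_bad | audit_zone 3000 8098 172.16.238.14 || echo "sample_bad: rejected"
```

The check only reads the `ports:` line and the rich rules; the `http` and `https` services open 80/tcp and 443/tcp to every source, so an Apache instance listening on one of those ports would need a separate check.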