Skip to content

Instantly share code, notes, and snippets.

@dungdt88

dungdt88/firewall-cmd-rich-rule.md

Last active September 26, 2023 22:42
Show Gist options
  • Save dungdt88/dcd6afe2a6765368a98df6e3ef4c744b to your computer and use it in GitHub Desktop.
Save dungdt88/dcd6afe2a6765368a98df6e3ef4c744b to your computer and use it in GitHub Desktop.
Download ZIP
Allow docker to access all containers within host with firewall-cmd rich rule in Centos 7
Raw
firewall-cmd-rich-rule.md 
firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address="192.168.0.0/16"
  port protocol="tcp" port="8080" accept'

Source: https://major.io/2014/11/24/trust-ip-address-firewallds-rich-rules/

Add interface docker0 to zone trusted

firewall-cmd --permanent --zone=trusted --change-interface=docker0

Add rich rule

firewall-cmd --zone=trusted --add-rich-rule='rule family="ipv4" source address="172.17.0.0/16" accept'

Reload firewall-cmd

firewall-cmd --reload
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment