general:linux:centos_7_-_fwbuilder

Table of Contents

Uninstall firewalld
Turn off network manager for interface(s) (to be able to use ifup-local script)
- Edit /etc/sysconfig/network-scripts/ifcfg-<nic>
Create script /sbin/ifup-local

Uninstall firewalld

rpm -e firewalld

Turn off network manager for interface(s) (to be able to use ifup-local script)

Edit /etc/sysconfig/network-scripts/ifcfg-<nic>

Add NM_CONTROLLED=no

Create script /sbin/ifup-local

set -o noclobber # So we don't accidentally overwrite existing file
cat << "EOF" > /sbin/ifup-local
#!/bin/sh

# Script to load FW rules when interface is brought up
EXTNIC=eth0
FWSCRIPT="/etc/fwbuilder.script"

if [ $# -ne 1 ]; then
  echo "Usage: $0: <nic>"
  exit 1
fi

if [ "$1" == "$EXTNIC" ]; then
  echo "Running FW script: $FWSCRIPT"
  exec "$FWSCRIPT"
fi
EOF
chmod +x /sbin/ifup-local

general/linux/centos_7_-_fwbuilder.txt · Last modified: 2020/11/17 19:39 by sunkan