I would like to know the firewall-cmd equivalent of the following command:
iptables -A INPUT -p tcp --tcp-flags RST RST -j DROP
The background is that I have come to know that devices on the network may send RSTs and disconnect.
So I want to drop the RST packet.
"Who threw the reset packet?"
"Ignoring the Great Firewall of China" (Page 9, Section 5)
CentOS Linux release 7.7.1908
On this server, strongSwan runs as a VPN server for IKEv2.
I'm still studying firewall-cmd, and I can only understand the basic operations.
I searched for information on overseas sites, but I couldn't find it.
Answer # 1
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp --tcp-flags RST RST -j DROP
It seems to have gone through.
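
The mapping used in the answer, generalized to other `iptables -A` rules, as an added example that is not part of the original post or of firewalld. `ipt2direct` is a hypothetical helper name, and priority 0 is an assumed choice; the function only prints the command, it does not run it.

```shell
#!/bin/sh
# Added example: convert an "iptables -A ..." line into firewalld direct-rule form.
# ipt2direct is a hypothetical helper name, not part of firewalld.
# Usage: ipt2direct [--permanent] "<iptables command line>"
ipt2direct() {
    perm=""
    if [ "$1" = "--permanent" ]; then perm=" --permanent"; shift; fi
    # Split the rule on whitespace; globbing is disabled so "*" stays literal.
    set -f; set -- $1; set +f
    case "$1" in
        iptables)  family=ipv4 ;;
        ip6tables) family=ipv6 ;;
        *) echo "unsupported command: $1" >&2; return 1 ;;
    esac
    shift
    table=filter chain="" args=""
    while [ $# -gt 0 ]; do
        case "$1" in
            -t|--table)
                [ $# -ge 2 ] || { echo "missing table name" >&2; return 1; }
                table=$2; shift 2 ;;
            -A|--append)
                [ $# -ge 2 ] || { echo "missing chain name" >&2; return 1; }
                chain=$2; shift 2 ;;
            -I|-D|-R|--insert|--delete|--replace)
                echo "only -A (append) rules are handled" >&2; return 1 ;;
            *) args="$args $1"; shift ;;
        esac
    done
    [ -n "$chain" ] || { echo "no -A <chain> found" >&2; return 1; }
    # Direct rules take: <family> <table> <chain> <priority> <iptables args>.
    # Priority 0 is used here; lower numbers are placed earlier in the chain.
    echo "firewall-cmd$perm --direct --add-rule $family $table $chain 0$args"
}

# Constructed sample input: the rule from the question.
ipt2direct "iptables -A INPUT -p tcp --tcp-flags RST RST -j DROP"
ipt2direct --permanent "iptables -A INPUT -p tcp --tcp-flags RST RST -j DROP"
```

A rule added with `--permanent` takes effect after `firewall-cmd --reload`; `firewall-cmd --direct --get-all-rules` lists the direct rules currently loaded.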