May 30, 2017

Firewall-cmd of Lesson 40

Hello 

Working on Firewall-cmd in Lesson 40. I do not understand why curl allows access to the web server from the local machine but not from a remote computer to the same URL. This is concerning because, in the LFCS exam, we will only have access to a single host terminal and so need a reliable way to test firewall rules.

Context:

firewall-cmd is configured to block http, https services and port 80. However, it forwards port 8080 to port 80:

root@SandBox1:~# firewall-cmd --list-all
public (default, active)
  interfaces: ens160
  sources:
  services: dhcpv6-client mysql ssh
  ports:
  protocols:
  masquerade: no
  forward-ports: port=8080:proto=tcp:toport=80:toaddr=
  icmp-blocks:
  rich rules:

Web server is running on port 80:

root@SandBox1:~# netstat -anp | grep apache2
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      2424/apache2

Question:

Why does curl http://192.168.1.175 on the same host return a web page when port 80 is blocked? If I try to curl http://192.168.1.175 from a different computer, I get the expected behavior - Port 80: No route to host.

Best Regards

SMK
