Difference between revisions of "OPS235 Assignment 2 Tips"

(Turning Firewall On/Off on CentOS 7)
(To check the current status of SELinux)
Line 21: Line 21:
 
Loaded policy name:            targeted
 
Loaded policy name:            targeted
 
Current mode:                  enforcing
 
Current mode:                  enforcing
 +
Mode from config file:          enforcing
 +
Policy MLS status:              enabled
 +
Policy deny_unknown status:    allowed
 +
Max kernel policy version:      28
 +
</pre>
 +
 +
* setenforce 0
 +
* sestatus
 +
<pre>
 +
SELinux status:                enabled
 +
SELinuxfs mount:                /sys/fs/selinux
 +
SELinux root directory:        /etc/selinux
 +
Loaded policy name:            targeted
 +
Current mode:                  permissive
 
Mode from config file:          enforcing
 
Mode from config file:          enforcing
 
Policy MLS status:              enabled
 
Policy MLS status:              enabled
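
Review bot: the added "* setenforce 0" / "* sestatus" steps after the closing </pre> have no lead-in sentence, so a reader cannot tell that the second listing is a repeat run showing the effect of the command. Add one line before them pointing out that "Current mode" now reads permissive while "Mode from config file" still reads enforcing, meaning the change applies only to the running system, and that setenforce 1 should be run once the test is finished.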

Revision as of 13:18, 29 July 2015

Turning Firewall On/Off on CentOS 7

To turn it off (flush all rules and set the default INPUT and OUTPUT policies to ACCEPT)

  • /usr/sbin/iptables -F
  • /usr/sbin/iptables -P INPUT ACCEPT
  • /usr/sbin/iptables -P OUTPUT ACCEPT

To turn it on

  • systemctl restart firewalld.service

Turning SELinux On/Off on CentOS 7

To turn SELinux off temporarily by switching it into permissive mode

  • setenforce 0

To turn SELinux back on from permissive mode

  • setenforce 1

To check the current status of SELinux

  • sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

To confirm the switch to permissive mode (the mode from the config file stays enforcing)

  • setenforce 0
  • sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28
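
Added example (not part of the original wiki page): a shell function that reads sestatus output and reports when the running mode has drifted from the configured one, as in the second listing above, where setenforce 0 left the system permissive while the config file still says enforcing. The function name selinux_audit, its verdict strings and the trimmed sample inputs are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit SELinux state from `sestatus` output.
# selinux_audit reads sestatus-format text on stdin and prints one verdict:
#   OK        running mode is enforcing and matches the config file
#   DRIFT     running mode differs from the config file (e.g. after setenforce 0)
#   WEAK      runtime and config agree, but not on enforcing
#   DISABLED  SELinux is not enabled
#   UNKNOWN   the expected fields were not found
selinux_audit() {
    awk -F':[ \t]*' '
        # Strip trailing blanks / carriage returns from a field value.
        function trim(s) { sub(/[ \t\r]+$/, "", s); return s }
        /^SELinux status:/        { status  = trim($2) }
        /^Current mode:/          { current = trim($2) }
        /^Mode from config file:/ { config  = trim($2) }
        END {
            if (status == "disabled")               print "DISABLED"
            else if (current == "" || config == "") print "UNKNOWN"
            else if (current != config)             print "DRIFT"
            else if (current != "enforcing")        print "WEAK"
            else                                    print "OK"
        }'
}

# Sample inputs, trimmed from the two sestatus listings on this page
# to the fields the function uses.
SAMPLE_ENFORCING='SELinux status:                 enabled
Current mode:                   enforcing
Mode from config file:          enforcing'

SAMPLE_PERMISSIVE='SELinux status:                 enabled
Current mode:                   permissive
Mode from config file:          enforcing'

printf 'before setenforce 0: '
printf '%s\n' "$SAMPLE_ENFORCING" | selinux_audit
printf 'after  setenforce 0: '
printf '%s\n' "$SAMPLE_PERMISSIVE" | selinux_audit

# On a host that has sestatus installed, audit the live state as well.
if command -v sestatus >/dev/null 2>&1; then
    printf 'this host:           '
    sestatus | selinux_audit
fi
```

A DRIFT verdict after an assignment or troubleshooting session means setenforce 1 has not been run yet.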