Ops535 online a1

No change in size, 23:56, 22 February 2021
==Network, firewall, and SELinux==
:* All your VMs must be accessible to each other via the private network.
:* Do not allow DNS queries from any VMs in your network to any DNS servers in the lab except your caching-only DNS server.
:* SELinux must be turned on and run in enforcing mode on all of your VMs. You may need to configure the SELinux booleans accordingly.
:* Your VM1 must use iptables.service and VM2 to VM4 must use firewalld.service as their firewall. For firewalld.service, the ens192 interface should be set up in the 'public' zone and the ens224 interface should be set up in the 'work' zone. In addition to ssh traffic, your firewalls should only allow the traffic necessary to fulfil the roles described above.
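
One way to check the zone requirement on VM2 to VM4 is to parse the output of <code>firewall-cmd --get-active-zones</code> and compare it with the required mapping. This is an added example, not part of the original assignment page; the function names <code>zone_of_iface</code> and <code>check_zones</code> are hypothetical and the sample outputs are constructed.

```bash
# Added example: verify the interface-to-zone mapping required for VM2 to VM4.
# Required mapping (from the list above): ens192 -> public, ens224 -> work.

# Print the zone that owns interface $1, reading
# `firewall-cmd --get-active-zones` output on stdin.
zone_of_iface() {
    awk -v want="$1" '
        /^[^ \t]/ { zone = $1; next }        # unindented line is a zone name
        $1 == "interfaces:" {                # indented line lists its interfaces
            for (i = 2; i <= NF; i++) if ($i == want) { print zone; exit }
        }'
}

# Return 0 only if both interfaces sit in the required zones.
check_zones() {
    local out rc=0 pair iface want got
    out=$(cat)
    for pair in ens192:public ens224:work; do
        iface=${pair%%:*}
        want=${pair##*:}
        got=$(printf '%s\n' "$out" | zone_of_iface "$iface")
        if [ "$got" != "$want" ]; then
            echo "FAIL: $iface is in zone '${got:-none}', expected '$want'" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample outputs (not captured from a real VM).
GOOD_SAMPLE='public
  interfaces: ens192
work
  interfaces: ens224'
# Both interfaces left in the same zone: the misconfiguration to catch.
BAD_SAMPLE='public
  interfaces: ens192 ens224'

# On a live VM: firewall-cmd --get-active-zones | check_zones
```

The same check fails when ens224 is not bound to any zone, because <code>zone_of_iface</code> then prints nothing.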