Firewall
Recommendations
The recommended firewall solution is firewalld.
The firewalld configuration shown here is easy to read and can be translated to other
solutions such as nftables or iptables.
Configuring firewalld for Onteon
firewalld on Onteon Node Manager
- 8020 - available to WWW or selected IP addresses
firewall-cmd \
--permanent \
--zone=public \
--add-rich-rule="rule family=\"ipv4\" source address=\"PRIVATE_IP\" port protocol=\"tcp\" port=\"8020\" accept"
- 8030 - available to OCC
firewall-cmd \
--permanent \
--zone=public \
--add-rich-rule="rule family=\"ipv4\" source address=\"OCC_IP\" port protocol=\"tcp\" port=\"8030\" accept"
- range 10000-20000 - available between ONMs
firewall-cmd \
--permanent \
--zone=public \
--add-rich-rule="rule family=\"ipv4\" source address=\"OTHER_ONM\" port protocol=\"tcp\" port=\"10000-20000\" accept"
firewalld on Onteon Control Center
- 8050 - available to ONMs
firewall-cmd \
--permanent \
--zone=public \
--add-rich-rule="rule family=\"ipv4\" source address=\"ONM_IP\" port protocol=\"tcp\" port=\"8050\" accept"
- 8050 - available to Onteon CLI
firewall-cmd \
--permanent \
--zone=public \
--add-rich-rule="rule family=\"ipv4\" source address=\"OCLI_IP\" port protocol=\"tcp\" port=\"8050\" accept"
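The Onteon Node Manager rules above as one script, added here as an example and not part of Onteon's own documentation or tooling: it refuses a source that is still a placeholder such as PRIVATE_IP, prints the commands by default, and ends with the reload that --permanent rules need before they take effect. The variable names (DRY_RUN, CLIENT_IPS, OCC_IPS, PEER_ONM_IPS) and the 192.0.2.x addresses are assumptions made for this example.

```shell
#!/bin/sh
# Added example. DRY_RUN, CLIENT_IPS, OCC_IPS and PEER_ONM_IPS are names chosen
# here; the 192.0.2.x defaults are constructed documentation addresses.
DRY_RUN="${DRY_RUN:-1}"            # 1 = print commands only, 0 = run firewall-cmd
CLIENT_IPS="${CLIENT_IPS:-192.0.2.10}"
OCC_IPS="${OCC_IPS:-192.0.2.20}"
PEER_ONM_IPS="${PEER_ONM_IPS:-192.0.2.31 192.0.2.32}"

# Accept dotted-quad IPv4 with an optional /prefix; reject leftover placeholders.
valid_ipv4() {
    addr=${1%%/*}
    case "$1" in */*)
        prefix=${1#*/}
        case "$prefix" in ''|*[!0-9]*|???*) return 1 ;; esac
        [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case "$addr" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Build the rich rule string in the form the page uses.
rich_rule() {   # $1 = source address, $2 = port or port range
    printf 'rule family="ipv4" source address="%s" port protocol="tcp" port="%s" accept' "$1" "$2"
}

# Add one permanent rule to the public zone (or print it in dry-run mode).
allow() {       # $1 = source address, $2 = port or port range
    valid_ipv4 "$1" || { echo "refusing invalid source address: $1" >&2; return 1; }
    if [ "$DRY_RUN" = 1 ]; then
        printf "firewall-cmd --permanent --zone=public --add-rich-rule='%s'\n" "$(rich_rule "$1" "$2")"
    else
        firewall-cmd --permanent --zone=public --add-rich-rule="$(rich_rule "$1" "$2")"
    fi
}

# ONM rule set: 8020 for clients, 8030 for OCC, 10000-20000 between ONMs.
onm_rules() {
    for ip in $CLIENT_IPS;   do allow "$ip" 8020        || return 1; done
    for ip in $OCC_IPS;      do allow "$ip" 8030        || return 1; done
    for ip in $PEER_ONM_IPS; do allow "$ip" 10000-20000 || return 1; done
    # --permanent only changes the saved configuration; reload to activate it.
    if [ "$DRY_RUN" = 1 ]; then echo "firewall-cmd --reload"; else firewall-cmd --reload; fi
}

onm_rules
```

Once the printed commands look right, run it as root with DRY_RUN=0; `firewall-cmd --zone=public --list-rich-rules` then shows the rules that are loaded.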