Hi!
The documentation for Firewalld says that "Only selected incoming connections are accepted" in the "Public" and "Home" zones.
On my setup though, it doesn't appear to be the case. On my wlo1 connection set to zone "Home", with only the default services activated, I can see with ngrep that:
* a BitTorrent client receives TCP traffic through port 44771
* DNS over TLS works through port 853
$ firewall-cmd --list-all --zone=home
home (active)
  target: default
  icmp-block-inversion: no
  interfaces: wlo1
  sources:
  services: dhcpv6-client mdns samba-client ssh
  ports:
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
The same happens when I activate my WireGuard connection, which I set to the "public" zone.
Am I understanding something wrong, or is there a problem in my settings?
Thanks!
Last edited by Cvlc (2021-08-28 15:00:07)
I know nothing about firewalld, but https://serverfault.com/questions/10547 … stablished suggests that it adds reasonable-ish conntrack rules by default.
You can look at your situation w/ "iptables -nvL"
The incoming traffic is probably not strictly incoming, but part of an ongoing communication that you triggered (DNS requests, bittorrent participation)?
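One way to check the point made in the answer above, as an added example that is not from the thread: parse the zone's `firewall-cmd --list-all` output and `conntrack -L` lines, and label each flow by who opened it, since the first src/dst/sport/dport group on a conntrack line is the original direction of the flow. It assumes a local address of 192.168.1.10, a hand-written subset of firewalld's service-to-port definitions, and constructed conntrack lines.

```python
import re

# Assumption (constructed): this host's own address on wlo1.
LOCAL_ADDRS = {"192.168.1.10"}
# Hard-coded subset of firewalld's service definitions (normally read from
# /usr/lib/firewalld/services/*.xml); samba-client opens no listening port.
SERVICE_PORTS = {"ssh": {("tcp", 22)}, "mdns": {("udp", 5353)},
                 "dhcpv6-client": {("udp", 546)}, "samba-client": set()}
# The first src/dst/sport/dport group in a conntrack line is the ORIGINAL
# direction, i.e. the side that opened the flow.
FLOW_RE = re.compile(r"^(?P<proto>tcp|udp)\s+\d+\s+\d+\s+(?:[A-Z_]+\s+)?"
                     r"src=(?P<src>\S+) dst=(?P<dst>\S+) sport=\d+ dport=(?P<dport>\d+)")
# Zone as the poster listed it: services only, no extra ports.
ZONE_HOME = "home (active)\n  services: dhcpv6-client mdns samba-client ssh\n  ports:\n"
# Constructed `conntrack -L` lines, not captured from the poster's machine.
SAMPLE_CONNTRACK = """\
tcp 6 431990 ESTABLISHED src=192.168.1.10 dst=9.9.9.9 sport=51234 dport=853 src=9.9.9.9 dst=192.168.1.10 sport=853 dport=51234 [ASSURED] mark=0 use=1
tcp 6 299 ESTABLISHED src=192.168.1.10 dst=203.0.113.7 sport=44771 dport=6881 src=203.0.113.7 dst=192.168.1.10 sport=6881 dport=44771 [ASSURED] mark=0 use=1
tcp 6 431999 ESTABLISHED src=198.51.100.4 dst=192.168.1.10 sport=40000 dport=22 src=192.168.1.10 dst=198.51.100.4 sport=22 dport=40000 [ASSURED] mark=0 use=1
udp 17 29 src=198.51.100.4 dst=192.168.1.10 sport=40123 dport=5000 src=192.168.1.10 dst=198.51.100.4 sport=5000 dport=40123 mark=0 use=1
"""


def allowed_from_zone(list_all_output):
    """Collect the (proto, port) pairs a zone accepts from `firewall-cmd --list-all` text."""
    allowed = set()
    for line in list_all_output.splitlines():
        key, _, value = line.strip().partition(":")
        if key == "services":
            for svc in value.split():
                allowed |= SERVICE_PORTS.get(svc, set())
        elif key == "ports":
            for item in value.split():  # entries look like 853/tcp
                port, proto = item.split("/")
                allowed.add((proto, int(port)))
    return allowed


def classify(conntrack_output, allowed):
    """Label each flow: reply traffic of a locally opened flow vs. genuinely inbound."""
    labels = []
    for line in conntrack_output.splitlines():
        m = FLOW_RE.match(line)
        if not m:
            continue
        proto, dport = m["proto"], int(m["dport"])
        if m["src"] in LOCAL_ADDRS:
            label = "outbound"  # ngrep shows packets *to* our port, but we opened the flow
        elif (proto, dport) in allowed:
            label = "inbound-allowed"
        else:
            label = "inbound-unexpected"  # would mean the zone is not blocking as documented
        labels.append((proto, m["src"], m["dst"], dport, label))
    return labels
```

On a live host, feed it the real output of `firewall-cmd --list-all --zone=home` and `conntrack -L`; any `inbound-unexpected` flow is the case worth investigating.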
Thanks for your answer!
So opening up TCP 853 would only be necessary in order to run a DNS server, I guess.
I'll check if BitTorrent is able to send files with the firewall activated and without the proper rules, and report back.
systemd-resolved might be using 853 as the local port for DNS/TLS.
You'll not be able to *receive* files via bittorrent, for leeching you'd have to limit outbound traffic (and likely get kicked from the network, because nobody likes leechers. At least when I was young…er)
You're right, it's just already established connections. Inbound connections are properly blocked.
Thanks!