Have tried a few things in Docker and the OS but still have not managed to get containers properly using IPv6 addresses. :blobfoxconfused:

IPv6 is currently used for inbound (the host's IPv6 address), but I can't do outbound unless I can get it working on the containers.

Does anyone know how to get #IPv6 working properly with #Docker? I'm using #Rocky EL8 with #firewalld in a VM.

Tried:
- static routing an IPv6 subnet;
- the forward option in firewalld;
- intra-zone firewalld ACCEPT policy (public and docker are my firewalld zones);
- macvlan and ipvlan adapter types (didn't work, presume due to VM networking)
- bridge adapter type with IPv6
- proxy_ndp on external interface (this broke all existing inbound IPv6).

Any suggestions would be appreciated.

A new "Your own extras" is available:

Check the new "Donation list" to support your favourite free and open source software.
It includes all the #donation links with all the listed #tutorials and #services we provide.

https://wiki.techsaviours.org/en/extras/donation_list

Still missing links:
- #lvm
- #luks
- #networkmanager
- #zram
- #sddm
- #firewalld
- #cronie ( #crontab )
- #rsync
- #AdGuardHome
- #redis
- #docker
- #LibreWolf
- #arkenfox
- #CustomNewTabPage
- #ProxySwitchOmega
- #Icecraven

#foss #donate

OK, I'm going back from #firewalld to #shorewall, at least on more complicated configurations. Firewalld is too confusing to me and is missing features I need (like, filtering on bridges).

How to Install #Firewalld on #Debian 12/11/10 🛡️ :debian:

https://www.linuxcapable.com/how-to-install-firewalld-on-debian-linux/

I prefer using #Podman over #Docker. When it comes to networking #netavark is doing a nice job. #IPv6 is just working.
Yet managing own firewall rules seems like a hasse.
You can set
NETAVARK_FW=firewalld
in /etc/environment and use #firewalld to set your filter rules.
I wouldn't want to use #firewalld but
NETAVARK_FW=nftables
is not supported, yet.

How to allow port on Firewalld? #firewalld

https://askubuntu.com/q/1476821/612

#Firewalld 2.0 Released With Faster Forwarding Performance Via NFTables Flowtable

https://www.phoronix.com/news/Firewalld-2.0

Original tweet : https://twitter.com/phoronix/status/1672310699039793152

Sometimes #occamsrazor really applies well. Before I went to bed last night, I enagged #tcpdump, a tool that helps with network troubleshooting, to figure out where the failure point was. It was firewall-related and not routing. I learned that I really need to read up on how firewalling with #firewalld works. I assumed it was effecting iptables but actually nftables. I have a boat load of learning to do.

what is 'target: default' of a zone's configuration in firewalld? #server #firewall #firewalld

https://askubuntu.com/q/1463093/612

@i -严禁混合 #firewalld 和 #docker,这两者混在一起有深坑-

Docker absichern mit firewalld

Mithilfe eigener Regelwerke lässt sich der Zugriff auf Docker Container über firewalld einschränken.

#firewalld #Docker #Container #Linux

https://gnulinux.ch/docker-absichern-mit-firewalld

RT igor_os777: Firewalld: Common Firewall Rules and Commands http://dlvr.it/SlbKwg #GeneralArticles #firewalld #iptables #security

Neu im #Blog Teil 5 zu den #RHEL System Roles. Heute zu #firewalld. URL: https://www.my-it-brain.de/wordpress/rhel-system-roles-firewall/

#Ansible

Note that i have a super long firewall-cmd command to put every fucking rules at DROP by default, icmp inversion true, forward & maskerade to no, and move the default to drop (and having all port, services richrules etc removed), to have a clean and blocked firewall by default to after change the settings myself, sad it's not the default for "desktop oriented", and only allow ssh for "server oriented" by default.

This command was a pain to do but now "sudo su" copy past wait a minutes and see all the "sucess", firewall-cmd reload && exit, and i can work to add proper settings for the firewall.

#fedora #redhat #silverblue #firewall #firewalld #security

Ports closed even though it says they're open? #vps #portforwarding #firewalld

https://askubuntu.com/q/1459172/612

IPSets mit firewalld

Mit IPSets lässt sich die Konfiguration von firewalld deutlich vereinfachen.

#Firewall #firewalld #Linux

https://gnulinux.ch/ipsets-mit-firewalld

Finally worked out how to do egress filtering with #firewalld - add an XML file in `/etc/firewalld/policies` with ingress-zone set to HOST and egress-zone set to public and then some rules.

We've added #adguardhome (and #firewalld) to our wiki.

https://wiki.techsaviours.org/en/server/services/adguardhome

As usual, also in #german available.

https://wiki.techsaviours.org/de/server/services/adguardhome

FOSSlife Weekly: Check out news and features you may have missed this week https://app.moosend.com/show_campaign/9cf3bb17-f6dc-4975-946f-19a8a856e3ad #FOSS #jobs #OpenSource #OMF #Metaverse #ChatGPT #firewalld #BharOS #microservices #Ubuntu #events #DevWeek

Get started with firewalld and learn how to add, change, and remove rules from your firewall zones https://www.fosslife.org/how-use-firewalld #Linux #firewalld #security #tools #firewall