centos 7 firewall-cmd --panic-on idle


Here I am exploring the security features, and when I enter "firewall-cmd --panic-on" to the CLI, the system just hangs idle.

CentOS 7, kernel 3.10

I think this is not supposed to happen, because as I read the documentation, I see I should be able to run firewall-cmd --panic-off, but I cannot even ssh in from another terminal unless I restart the server.

Is the system corrupt?

Is there a bug with "firewall-cmd --panic-on"?

How can I figure out the source of the problem?

IAmAliYousefi On BEST ANSWER
   --panic-on
       Enable panic mode. All incoming and outgoing packets are dropped, active connections will expire. Enable this only if there are serious problems with your network environment. For example if the machine is getting hacked in.

As this switch drops all incoming connections and kills established active connections, you cannot issue --panic-off using ssh. You have to run firewall-cmd --panic-off using console access.

Running firewall-cmd --panic-on will apply the configuration at runtime level, so by simply restarting the server you can access the ssh session again.

Never run firewall-cmd --panic-on --permanent.

You can verify panic status by running firewall-cmd --query-panic.
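
The lock-out described in this answer can be avoided by scheduling the --panic-off locally before panic mode is enabled. The script below is an added example, not part of the original answer; the function name panic_with_rollback and the FIREWALL_CMD variable are names made up for it, and it uses only the --panic-on, --panic-off and --query-panic options quoted above.

```shell
#!/bin/sh
# Added example: enable firewalld panic mode with a scheduled automatic
# --panic-off, so a remote session is not locked out until reboot.
# FIREWALL_CMD and panic_with_rollback are hypothetical names for this example.
FIREWALL_CMD="${FIREWALL_CMD:-firewall-cmd}"

# panic_with_rollback SECONDS
#   Schedules "--panic-off" SECONDS from now, then runs "--panic-on".
#   Returns 0 on success, 2 on bad usage, 1 if panic mode could not be enabled.
panic_with_rollback() {
    pwr_timeout="$1"
    case "$pwr_timeout" in
        ''|*[!0-9]*|0) echo "usage: panic_with_rollback SECONDS (>0)" >&2; return 2 ;;
    esac

    # --query-panic exits 0 when panic mode is already active.
    if "$FIREWALL_CMD" --query-panic >/dev/null 2>&1; then
        echo "panic mode is already on; not scheduling a second rollback" >&2
        return 0
    fi

    # Start the rollback timer first. nohup keeps it alive after the SSH
    # session is torn down; it runs locally, so dropped packets do not stop it.
    nohup sh -c 'sleep "$1"; "$2" --panic-off' rollback \
        "$pwr_timeout" "$FIREWALL_CMD" >/dev/null 2>&1 &
    pwr_pid=$!

    if [ -n "${SSH_CONNECTION:-}" ]; then
        echo "remote session: it will hang until rollback in ${pwr_timeout}s" >&2
    fi

    if ! "$FIREWALL_CMD" --panic-on >/dev/null; then
        kill "$pwr_pid" 2>/dev/null   # panic mode never started: cancel the timer
        return 1
    fi
    return 0
}

# Run as: sh panic-rollback.sh 300   (no argument: only define the function)
if [ "$#" -gt 0 ]; then panic_with_rollback "$1"; fi
```

Run it as root with the number of seconds after which panic mode should be lifted; if the incident really requires isolation for longer, re-run it from the console.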