DB System nodes have the firewall not only disabled but masked:
[root@agoco ~]#
[root@agoco ~]# systemctl status firewalld
● firewalld.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)
[root@agoco ~]#
[root@agoco ~]#
There is no way that can pass the CIS Benchmark for a security audit. It would be easy enough to unmask, start and configure it but I don't know if that is going to break any of the OCI automated management facilities. I have a TAR open asking whether I can do this, but no response yet. If ever. What has anyone else done? Any problems with enabling the firewalld?
Compute Instances don't have quite the same problem: it is disabled but not masked. So I'm assuming that it is OK to enable it. Any thoughts on that?
Thank you for any insight.