Appendix C: Firewall Rules
Please note the following ports:
80: ICE Server (HTTP)
443: ICE Server (HTTPS)
7443: Rallypoint (TLS)
8443: Rallypoint Websocket (Secure Websocket, “wss”)
8999: ICE OS Wizard (HTTPS): Access to the ICE OS Installation Wizard through the browser
Internal and External Firewall Rules
Internal (Host)
# Requires bash: brace expansion turns this into one --add-port option per entry
sudo firewall-cmd --zone=public --permanent --add-port={6443,2379-2380,10250-10252,10255,30000-32767}/tcp
sudo firewall-cmd --zone=public --permanent --add-port=8472/udp
sudo firewall-cmd --zone=public --permanent --add-masquerade
sudo firewall-cmd --zone=public --permanent --add-port=80/tcp
sudo firewall-cmd --zone=public --permanent --add-port=443/tcp
sudo firewall-cmd --zone=public --permanent --add-port=7443/tcp
sudo firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -m pkttype --pkt-type multicast -j ACCEPT
sudo firewall-cmd --zone=public --permanent --add-protocol=igmp
sudo firewall-cmd --zone=trusted --permanent --add-interface cni0
sudo firewall-cmd --reload
sudo sysctl --system
echo " Adding cni "
sudo firewall-cmd --zone=trusted --permanent --add-interface cni0
echo " your firewall is configured as "
sudo firewall-cmd --list-all --zone trusted
sudo firewall-cmd --list-all --zone public
External
sudo firewall-cmd --zone=public --permanent --add-port=80/tcp
sudo firewall-cmd --zone=public --permanent --add-port=443/tcp
sudo firewall-cmd --zone=public --permanent --add-port=7443/tcp
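
To check a host against the port list at the top of this appendix, the following added example (not part of the original document) compares the output of `firewall-cmd --zone=public --list-ports` with the listed ports, treating a range such as 30000-32767/tcp as covering every port inside it. The sample list is constructed from the Internal (Host) commands above; the function names and the assumption that all five listed ports are TCP are this example's own.

```shell
#!/bin/sh
# Added example: audit a firewalld zone's open ports against the appendix port list.

# Constructed sample: the port list produced by the Internal (Host) commands,
# in the space-separated form printed by `firewall-cmd --zone=public --list-ports`.
SAMPLE_PORTS="6443/tcp 2379-2380/tcp 10250-10252/tcp 10255/tcp 30000-32767/tcp 8472/udp 80/tcp 443/tcp 7443/tcp"

# Ports named at the top of the appendix (assumed TCP: HTTP, HTTPS, TLS, wss).
APPENDIX_PORTS="80/tcp 443/tcp 7443/tcp 8443/tcp 8999/tcp"

# port_open LIST PORT PROTO
# Succeeds if PORT/PROTO matches a single-port entry or falls inside a range entry.
port_open() {
    for po_entry in $1; do
        # Skip entries for the other protocol (text after the slash).
        [ "${po_entry##*/}" = "$3" ] || continue
        po_range=${po_entry%/*}
        # For a single port, both expansions yield the same number.
        if [ "$2" -ge "${po_range%-*}" ] && [ "$2" -le "${po_range#*-}" ]; then
            return 0
        fi
    done
    return 1
}

# missing_ports LIST PORT/PROTO...
# Prints the expected entries that LIST does not cover, space-separated.
missing_ports() {
    mp_list=$1
    shift
    mp_missing=""
    for mp_want in "$@"; do
        port_open "$mp_list" "${mp_want%/*}" "${mp_want#*/}" \
            || mp_missing="$mp_missing $mp_want"
    done
    echo "${mp_missing# }"
}

# Demo on the constructed sample; word splitting of APPENDIX_PORTS is intended.
echo "Not open in zone: $(missing_ports "$SAMPLE_PORTS" $APPENDIX_PORTS)"
```

On a live host, pass "$(sudo firewall-cmd --zone=public --list-ports)" as the first argument instead of the sample, after `--reload` so the runtime configuration matches the permanent one.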