Leaderboard
Popular Content
Showing content with the highest reputation on 05/04/20 in all areas
-
Numele meu este Dorel. Sunt administratorul website-ului seo.org. ro. Activez în acest domeniu de activitate din anul 2004.3 points
-
Welcome. * Arunca si tu meniul ala cu GDPR in footer. Nu e serviciu de vanzare sa-l promovezi in meniul principal1 point
-
1 point
-
Sa inteleg ca iti merge sa intri pe un singur cont per browser? Adica poti sa intri pe 2 conturi diferite din 2 browsere diferite, dar de pe acelasi net (IP)?1 point
-
Din ce stiu MAC-ul nu se transmite / citi decat fizic fiind la acel PC /laptop. Seria este stocata hardware si nu "pleaca" oricand la cererea oricui. Plus ca e readonly.1 point
-
1 point
-
@vatman32 Omul a reusit de pe telefon cu datele mobile, nu hotspot. Problema este sa nu-ti inregistreze cumva mac-ul de la placa de retea atunci cand te inregistrezi/conectezi. Si indiferent de ce schimbi (ip, broweser, etc) el stie ca esti tot tu dupa adresa de mac.1 point
-
Ceva nu faci bine din pasii aia enumerati. Din ce ai enumerat, tind sa cred ca ai schimbat maxim IP-ul de LAN din moment ce pe date mobile a functionat. Baga extensia browsec si incearca din incognito (chrome). Daca nu reusesti, da-mi site-ul pe PM.1 point
-
A firewall is a method for monitoring and filtering incoming and outgoing network traffic. It works by defining a set of security rules that determine whether to allow or block specific traffic. A properly configured firewall is one of the most important aspects of overall system security. CentOS 8 ships with a firewall daemon named firewalld. It is a complete solution with a D-Bus interface that allows you to manage the system’s firewall dynamically. In this tutorial, we will talk about how to configure and manage the firewall on CentOS 8. We’ll also explain the basic FirewallD concepts. Prerequisites To configure the firewall service, you must be logged as root or user with sudo privileges. Basic Firewalld Concepts firewalld uses the concepts of zones and services. Based on the zones and services you’ll configure, you can control what traffic is allowed or blocked to and from the system. Firewalld can be configured and managed using the firewall-cmd command-line utility. In CentOS 8, iptables is replaced by nftables as the default firewall backend for the firewalld daemon. Firewalld Zones Zones are predefined sets of rules that specify the level of trust of the networks your computer is connected to. You can assign network interfaces and sources to a zone. Below are the zones provided by FirewallD ordered according to the trust level of the zone from untrusted to trusted: drop: All incoming connections are dropped without any notification. Only outgoing connections are allowed. block: All incoming connections are rejected with an icmp-host-prohibited message for IPv4 and icmp6-adm-prohibited for IPv6n. Only outgoing connections are allowed. public: For use in untrusted public areas. You do not trust other computers on the network, but you can allow selected incoming connections. external: For use on external networks with NAT masquerading enabled when your system acts as a gateway or router. Only selected incoming connections are allowed. internal: For use on internal networks when your system acts as a gateway or router. Other systems on the network are generally trusted. Only selected incoming connections are allowed. dmz: Used for computers located in your demilitarized zone that have limited access to the rest of your network. Only selected incoming connections are allowed. work: Used for work machines. Other computers on the network are generally trusted. Only selected incoming connections are allowed. home: Used for home machines. Other computers on the network are generally trusted. Only selected incoming connections are allowed. trusted: All network connections are accepted. Trust all of the computers in the network. Firewall services Firewalld services are predefined rules that apply within a zone and define the necessary settings to allow incoming traffic for a specific service. The services allows you to easily perform several tasks in a single step. For example, the service can contain definitions about opening ports, forwarding traffic, and more. Firewalld Runtime and Permanent Settings Firewalld uses two separated configuration sets, runtime, and permanent configuration. The runtime configuration is the actual running configuration and does not persist on reboot. When the firewalld daemon starts, it loads the permanent configuration, which becomes the runtime configuration. By default, when making changes to the Firewalld configuration using the firewall-cmd utility, the changes are applied to the runtime configuration. To make the changes permanent append the --permanent option to the command. To apply the changes in both configuration sets, you can use one of the following two methods: 01. Change the runtime configuration and make it permanent: sudo firewall-cmd <options> sudo firewall-cmd --runtime-to-permanent 02. Change the permanent configuration and reload the firewalld daemon: sudo firewall-cmd --permanent <options> sudo firewall-cmd --reload Enabling FirewallD On CentOS 8, firewalld is installed and enabled by default. If for some reason it is not installed on your system, you can install and start the daemon by typing: sudo dnf install firewalld sudo systemctl enable firewalld --now You can check the status of the firewall service with: sudo firewall-cmd --state If the firewall is enabled, the command should print running. Otherwise, you will see not running. Firewalld Zones If you haven’t changed it, the default zone is set to public, and all network interfaces are assigned to this zone. The default zone is the one that is used for everything that is not explicitly assigned to another zone. You can see the default zone by typing: sudo firewall-cmd --get-default-zone Output public To get a list of all available zones, type: sudo firewall-cmd --get-zones Output block dmz drop external home internal public trusted work To see the active zones and the network interfaces assigned to them: sudo firewall-cmd --get-active-zones The output below shows that the interfaces eth0 and eth1 are assigned to the public zone: Output public interfaces: eth0 eth1 You can print the zone configuration settings with: sudo firewall-cmd --zone=public --list-all Output public (active) target: default icmp-block-inversion: no interfaces: eth0 eth1 sources: services: ssh dhcpv6-client ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: From the output above, we can see that the public zone is active and uses the default target, which is REJECT. The output also shows that the zone is used by the eth0 and eth1 interfaces and allows DHCP client and SSH traffic. If you want to check the configurations of all available zones type: sudo firewall-cmd --list-all-zones The command prints a huge list with the settings of all available zone. Changing the zone target The target defines the default behavior of the zone for the incoming traffic that is not specified. It can be set to one of the following options: default, ACCEPT, REJECT, and DROP. To set the zone’s target, specify the zone with the --zone option and the target with the --set-target option. For example, to change the public zone’s target to DROP you would run: sudo firewall-cmd --zone=public --set-target=DROP Assigning an interface to a different zone You can create specific sets of rules for different zones and assign different interfaces to them. This is especially useful when you multiple interfaces on your machine. To assign an interface to a different zone, specify the zone with the --zone option and the interface with the --change-interface option. For example, the following command assigns the eth1 interface to the work zone: sudo firewall-cmd --zone=work --change-interface=eth1 Verify the changes by typing: sudo firewall-cmd --get-active-zones Output work interfaces: eth1 public interfaces: eth0 Changing the Default Zone To change the default zone, use the --set-default-zone option followed by the name of the zone you want to make default. For example, to change the default zone to home you would run the following command: sudo firewall-cmd --set-default-zone=home Verify the changes with: sudo firewall-cmd --get-default-zone Output home Creating new Zones Firewalld also allows you to create your own zones. This is handy when you want to create per-application rules. In the following example we’ll create a new zone named memcached, open the port 11211 and allow access only from the 192.168.100.30 IP address: 01. Create the zone: sudo firewall-cmd --new-zone=memcached --permanent 02. Add the rules to the zone: sudo firewall-cmd --zone=memcached --add-port=11211/udp --permanent sudo firewall-cmd --zone=memcached --add-port=11211/tcp --permanent sudo firewall-cmd --zone=memcached --add-source=192.168.100.30/32 --permanent 03. Reload the firewalld daemon to activate the changes: sudo firewall-cmd --reload Firewalld Services With firewalld you can allow traffic for specific ports and/or sources based on predefined rules called services. To get a list of all default available services type: sudo firewall-cmd --get-services You can find more information about each service by opening the associated .xml file within the /usr/lib/firewalld/services directory. For example, the HTTP service is defined like this: /usr/lib/firewalld/services/http.xml <?xml version="1.0" encoding="utf-8"?> <service> <short>WWW (HTTP)</short> <description>HTTP is the protocol used to serve Web pages. If you plan to make your Web server publicly available, enable this option. This option is not required for viewing pages locally or developing Web pages.</description> <port protocol="tcp" port="80"/> </service> To allow incoming HTTP traffic (port 80) for interfaces in the public zone, only for the current session (runtime configuration) type: sudo firewall-cmd --zone=public --add-service=http If you are modifying the default zone you can leave out the --zone option. To verify that the service was added successfully use the --list-services option: sudo firewall-cmd --zone=public --list-services Output ssh dhcpv6-client http To keep the port 80 open after a reboot run the same command once again with the --permanent option, or execute: sudo firewall-cmd --runtime-to-permanent Use the --list-services along with the --permanent option to verify your changes: sudo firewall-cmd --permanent --zone=public --list-services Output ssh dhcpv6-client http The syntax for removing service is the same as when adding one. Just use --remove-service instead of the --add-service flag: sudo firewall-cmd --zone=public --remove-service=http --permanent The command above removes the http service from the public zone permanent configuration. Creating a new FirewallD Service As we have already mentioned, the default services are stored in the /usr/lib/firewalld/services directory. The easiest way to create a new service is to copy an existing service file to the /etc/firewalld/services directory, which is the location for user-created services and modify the file settings. For example, to create a service definition for the Plex Media Server, you can use the SSH service file: sudo cp /usr/lib/firewalld/services/ssh.xml /etc/firewalld/services/plexmediaserver.xml Open the newly created plexmediaserver.xml file and change the short name and description for the service within the <short> and <description> tags. The most important tag you need to change is the port tag, which defines the port number and protocol you want to open. In the following example, we are opening ports 1900 UDP and 32400 TCP. /etc/firewalld/services/plexmediaserver.xml <?xml version="1.0" encoding="utf-8"?> <service version="1.0"> <short>plexmediaserver</short> <description>Plex is a streaming media server that brings all your video, music and photo collections together and stream them to your devices at anytime and from anywhere.</description> <port protocol="udp" port="1900"/> <port protocol="tcp" port="32400"/> </service> Save the file and reload the FirewallD service: sudo firewall-cmd --reload You can now use the plexmediaserver service in your zones same as any other service. Opening Ports and Source IPs Firewalld also allows you to quickly enable all traffic from a trusted IP address or on a specific port without creating a service definition. Opening a source IP To allow all incoming traffic from a specific IP address (or range), specify the zone with the --zone option and the source IP with the --add-source option. For example, to allow all incoming traffic from 192.168.1.10 in the public zone, run: sudo firewall-cmd --zone=public --add-source=192.168.1.10 Make the new rule persistent: sudo firewall-cmd --runtime-to-permanent Verify the changes using the following command: sudo firewall-cmd --zone=public --list-sources Output 192.168.1.10 The syntax for removing a source IP is the same as when adding one. Just use --remove-source instead of the --add-source option: sudo firewall-cmd --zone=public --remove-source=192.168.1.10 The protocol can be either tcp, udp, sctp, or dccp. Verify the changes: sudo firewall-cmd --zone=public --list-ports Output 8080 To keep the port open after a reboot, add the rule to the permanent settings by running the same command using the --permanent flag or by executing: sudo firewall-cmd --runtime-to-permanent The syntax for removing a port is the same as when adding a port. Just use --remove-port instead of the --add-port option. sudo firewall-cmd --zone=public --remove-port=8080/tcp Forwarding Ports To forward traffic from one port to another port, first enable masquerading for the desired zone using the --add-masquerade option. For example, to enable masquerading for the external zone, type: sudo firewall-cmd --zone=external --add-masquerade Forward traffic from one port to another on the IP address In the following example we are forwarding the traffic from port 80 to port 8080 on the same server: sudo firewall-cmd --zone=external --add-forward-port=port=80:proto=tcp:toport=8080 Forward traffic to another IP address In the following example we are forwarding the traffic from port 80 to port 80 on a server with IP 10.10.10.2: sudo firewall-cmd --zone=external --add-forward-port=port=80:proto=tcp:toaddr=10.10.10.2 To make the forward rule persistent, use: sudo firewall-cmd --runtime-to-permanent Conclusion You have learned how to configure and manage the firewalld service on your CentOS 8 system. Make sure to allow all incoming connections that are necessary for the proper functioning of your system, while limiting all unnecessary connections. If you have questions, feel free to leave a comment below. Source1 point
-
Daca vrei un job foarte bun nu o sa te ajute doar programarea, fa si un curs despre comunicare, o sa te ajute foarte mult sa negociezi, cum sa stii sa te comporti intr-un team, etc. Iti recomand dale carnegie how to make friends1 point
-
Ai putea sa incerci sa iti schimbi user agent-ul, poti folosi o extensie precum Chameleon1 point
-
1 point
-
Programarea nu o inveti intr-o scoala, o inveti prin practica, bine intai trebui sa inveti syntaxa acelui limbaj dupa aceea totul depinde de practica. In UK daca te duci la o firma mai prestigioasa nu o sa te intrebe asa mult de scoala/colegiu, diploma te ajuta sa treci de HR dar la un interviu o sa dai un test prin care ei o sa isi dea seama in ce categorie te incadrezi junior/medium sau senior. Alege un limbaj mergi pe el ca freelancer un pic sau chiar pe gratis pana iti faci un portofoliu stabil si nu ma refer la 2-3 website-uri, proiecte mai avansate, mai complexe si dupa aceea te poti angaja undeva chiar pe bani frumosi. Nu iti spun din auzite ci din propria experienta. (Arunca un ochi si peste blockchain developing, au salarii foarte mari.)1 point
-
Salut, exista firme la care se preda programarea. Nu le cunosc, DAR sunt destul de sigur ca vei invata foarte bine de acolo. Insa sunt 2 probleme: 1. Costa ceva, probabil nu foarte mult, nu am idee 2. Dureaza al dracu de mult. Adica vreo 6 luni sau chiar mai mult. Stiu ca sa inveti programare, dar in 6 ani invat sa proiectez rachete Cat despre facultate nu o sa te ajute atat de mult cat iti imaginezi. Insa da foarte bine la CV. Sugestia mea e sa inveti singur si sa practici singur. Partea cu practicatul e extrem de importanta. Si iti aduce un portofoliu pe care il ai pentru angajare. Cel mai important e sa alegi ceea ce iti place. Iti place PHP? Mergi cu el mai departe. Cred ca se cauta mai mult Java, dar orice e OK. Dupa ce inveti un limbaj bine poti trece destul de usor pe altul. Daca ai nevoie de alte sugestii, poti sa vii cu niste intrebari mai concrete. Sau sa ne spui ca iti place, ce ai vrea sa faci etc. Si sa intelegi ca noi ne dam cu parerea, nu inseamna ca orice zicem e adevarat.1 point
-
1 point