From 3ddb943dc4ed011eedb59902b1457ecf81221027 Mon Sep 17 00:00:00 2001 From: Sergio Correia Date: Tue, 10 Aug 2021 08:19:16 -0300 Subject: [PATCH] nbde-introduction: include steps to open the tang port in the firewall So that we can access it from other machines. --- nbde-introduction/background.sh | 6 ++++++ nbde-introduction/step2.md | 21 +++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/nbde-introduction/background.sh b/nbde-introduction/background.sh index 9f935f0e..0af955f5 100755 --- a/nbde-introduction/background.sh +++ b/nbde-introduction/background.sh @@ -27,6 +27,11 @@ setup_swap() { log "swap file set up successfully..." } +set_default_firewall_zone() { + firewall-cmd --set-default-zone libvirt + log "Default firewall zone set to libvirt" +} + ubuntu_deps() { log "(OS=ubuntu) Installing additional packages..." @@ -44,6 +49,7 @@ rhel8_deps() { dnf -y module install virt systemctl start libvirtd log "Packages installed successfully..." + set_default_firewall_zone } install_deps() { diff --git a/nbde-introduction/step2.md b/nbde-introduction/step2.md index 0b83d05f..29727745 100644 --- a/nbde-introduction/step2.md +++ b/nbde-introduction/step2.md @@ -34,3 +34,24 @@ This indicates that the server is responding as expected. Note that the actual values for the `payload` and other fields in the JSON will differ from the example output displayed above. + +## Opening the port used by `tang` in the firewall + +Finally, we should make sure we can access `tang` from other machines, which means the port it is listening to should +be reachable from these other machines. By default, `tang` works on TCP port 80 -- the same as the HTTP protocol --, so +we can open it in our scenario by issuing the following command: + +`firewall-cmd --add-port=80/tcp`{{execute}} + +Note: depending on how the firewall is set up, the command to open a specific port may be slightly different, but for our +scenario the command above will suffice. + +You can verify the port is open by issuing the next command: + +`firewall-cmd --list-ports`{{execute}} + +And the expected output here would be the following: + +``` +80/tcp +```