Behavior of Deep Security Agent with the firewall service of RHEL 7

    • Updated: 28 Aug 2017
    • Product/Version: Deep Security 10.0, Deep Security 10.1, Deep Security 9.6
    • Platform: Linux - Red Hat RHEL 7 64-bit
Summary

firewalld is the firewall service of RHEL 7. This article describes how the Deep Security Agent (DSA) behaves with firewalld.

Details

When only the DSA core (RPM or DEB) is installed, it determines whether iptables is loaded in the kernel. If iptables is loaded, DSA adds one (1) iptables rule to open port 4118. Otherwise, it fails to add the iptables rule, but the action is still logged.

When the firewall, DPI, and WRS plug-ins are installed, the DSA will check if the use_iptables_with_dsa file exists. If it exists, DSA will not modify any iptables settings. If it is missing, DSA will turn off iptables.

In either case, DSA does not touch any firewalld settings, because it works directly on iptables rules. This means that if the firewalld service is loaded, DSA does not turn it off directly. DSA only acts on the iptables kernel module.

Note that firewalld uses the iptables tool to communicate with the kernel packet filter. For more information, refer to this Red Hat article: 4.5.1.1. Comparison of firewalld to system-config-firewall and iptables.

RHEL 7 uses systemctl to control services. To disable the firewalld service, run the following command as root:

systemctl disable firewalld
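
A read-only check of the state described above, as an added example that is not part of the original article or Trend Micro's code: it reports whether the ip_tables module is loaded, whether the effective ruleset accepts TCP port 4118, and which agent action the article's rules predict. The marker-file path and the DSA_MARKER variable are placeholders, since the article names the file but not its location; the sample ruleset is constructed.

```shell
#!/usr/bin/env bash
# Added example, not Trend Micro code. Read-only audit of the state the article describes.

# Succeeds if lsmod-format text on stdin lists the ip_tables kernel module.
iptables_loaded() { awk '$1 == "ip_tables" { f = 1 } END { exit !f }'; }

# Succeeds if `iptables -S` text on stdin has a tcp ACCEPT rule for port $1.
port_accepted() {
  awk -v p="$1" '
    $1 == "-A" && /-p tcp/ && /-j ACCEPT/ {
      for (i = 1; i < NF; i++) {
        if ($i == "--dport" && $(i + 1) == p) f = 1
        if ($i == "--dports") { n = split($(i + 1), a, ","); for (k = 1; k <= n; k++) if (a[k] == p) f = 1 }
      }
    }
    END { exit !f }'
}

# Agent action per the article. $1=core|plugins  $2=yes|no module loaded  $3=yes|no marker file
dsa_expected_action() {
  case "$1:$2:$3" in
    core:yes:*)    echo "adds one iptables rule opening port 4118" ;;
    core:no:*)     echo "fails to add the rule; attempt is logged" ;;
    plugins:*:yes) echo "leaves iptables untouched" ;;
    plugins:*:no)  echo "turns off iptables" ;;
    *)             echo "unknown"; return 1 ;;
  esac
}

audit_host() {
  # Placeholder path: the article names the file but not its directory.
  local marker="${DSA_MARKER:-/path/to/use_iptables_with_dsa}" loaded=no present=no
  if lsmod | iptables_loaded; then loaded=yes; fi
  if [ -e "$marker" ]; then present=yes; fi
  echo "firewalld: $(systemctl is-active firewalld 2>/dev/null)"
  echo "ip_tables loaded: $loaded; marker present: $present"
  if iptables -S 2>/dev/null | port_accepted 4118; then
    echo "port 4118: ACCEPT rule present"
  else
    echo "port 4118: no ACCEPT rule found (run as root to read the ruleset)"
  fi
  echo "core only:     $(dsa_expected_action core "$loaded" "$present")"
  echo "with plug-ins: $(dsa_expected_action plugins "$loaded" "$present")"
}

# Constructed sample ruleset for offline checks.
SAMPLE_RULES='-P INPUT ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4118 -j ACCEPT'

if [ "${1:-}" = "--audit" ]; then audit_host; fi
```

Run it with `--audit` as root on the agent host; without arguments it only defines the functions.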

Category: Configure
Solution Id: 1116678