Pi-Hole/docs
1
0
Fork 0
mirror of https://github.com/pi-hole/docs.git synced 2025-12-24 13:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup firewalled after removal of api port

Browse Source 
Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
This commit is contained in:
darkexplosiveqwx
2025-04-13 15:55:52 +02:00
parent 0e83f26d4e
commit 1e91036d56
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/main/prerequisites.md
View File

@@ -117,12 +117,10 @@ ip6tables -I INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
#### FirewallD
Using the `--permanent` argument will ensure the firewall rules persist reboots. If only IPv4 blocking is used for the Pi-hole installation, the `dhcpv6` service can be removed from the commands below. Create a new zone for the local interface (`lo`) for the pihole-FTL ports to ensure the API is only accessible locally. Finally `--reload` to have the new firewall configuration take effect immediately.
Using the `--permanent` argument will ensure the firewall rules persist reboots. If only IPv4 blocking is used for the Pi-hole installation, the `dhcpv6` service can be removed from the commands below. Finally `--reload` to have the new firewall configuration take effect immediately.
```bash
firewall-cmd --permanent --add-service=http --add-service=https --add-service=dns --add-service=dhcp --add-service=dhcpv6 --add-service=ntp
firewall-cmd --permanent --new-zone=ftl
firewall-cmd --permanent --zone=ftl --add-interface=lo
firewall-cmd --reload
```