Hi. On Mon, Jul 22, 2019 at 04:16:58PM -0500, Charles Zeitler wrote: > On Mon, Jul 22, 2019 at 11:33 AM Reco <recovery...@enotuniq.net> wrote: > > > > On Mon, Jul 22, 2019 at 08:22:41AM -0500, Charles Zeitler wrote: > > > how do i configure firewalld to allow nntp? > > > > Unless you did something very unconventional, firewalld should not > > prevent you from establishing outbound connections from your host. > > Therefore no configuration should be required. > > > > But, since you have to ask I assume that it's not that simple. > > So, please post the output of "/sbin/iptables-save" executed as root.
Let's get started. This one could ruin your day (SELinux), but the rules are empty: > *security ... > :OUTPUT_direct - [0:0] > -A OUTPUT -j OUTPUT_direct And this one too, but it can not: > *filter ... > :OUTPUT ACCEPT [1029141:87693717] ... > :OUTPUT_direct - [0:0] > -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT ... > -A OUTPUT -j OUTPUT_direct So, unless you're trying to connect via IPv6 (and in this case it's called "/sbin/ip6tables-save"), or have custom nft rules that cannot be translated to conventional iptables syntax - firewalld should not prevent you from using nntp. Reco
