{"@attributes":{"version":"2.0"},"channel":{"title":"Security on GerkinDev Devblog","link":"https:\/\/gerkin.dev\/en\/tags\/security\/","description":"Recent content in Security on GerkinDev Devblog","generator":"Hugo -- gohugo.io","language":"en","copyright":"\u00a9{year}, All Rights Reserved","lastBuildDate":"Tue, 02 Feb 2021 00:16:48 +0100","item":[{"title":"Setup the cluster's Audit Log","link":"https:\/\/gerkin.dev\/en\/walkthroughs\/kubernetes\/01-audit-log\/","pubDate":"Mon, 16 Nov 2020 02:35:47 +0100","guid":"https:\/\/gerkin.dev\/en\/walkthroughs\/kubernetes\/01-audit-log\/","description":"<div class=\"expand\">\n<button type=\"button\" class=\"expand__button\" aria-label=\"Expand Button\">\n<span class=\"expand-icon expand-icon__right\">\n<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"24\" height=\"24\" viewBox=\"0 0 24 24\"><path fill=\"currentColor\" d=\"M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z\"\/><\/svg>\n<\/span>\nReferences\n<\/button>\n<div class=\"expand__content\">\n<ul>\n<li><a href=\"https:\/\/docs.kublr.com\/articles\/kubernetes-log-audit\/\" title=\"See on docs.kublr.com\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fas fa-external-link-alt\"><\/i>&nbsp;<i>\nhttps:\/\/docs.kublr.com\/logging\/logging-api-audit\/\n<\/i><\/a><\/li>\n<li><a href=\"https:\/\/mherman.org\/blog\/logging-in-kubernetes-with-elasticsearch-Kibana-fluentd\/\" title=\"See on mherman.org\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fas fa-external-link-alt\"><\/i>&nbsp;<i>\nLogging in Kubernetes with Elasticsearch, Kibana, and Fluentd\n<\/i><\/a><\/li>\n<li><a href=\"https:\/\/kubernetes.io\/docs\/tasks\/debug-application-cluster\/audit\/#log-collector-examples\" title=\"See in the docs of kubernetes.io\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fas fa-book-open\"><\/i>&nbsp;<i>\nAuditing | Kubernetes\n<\/i><\/a><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<blockquote>\n<p><strong>Note :<\/strong> Even if this part is not <strong>required<\/strong>, you <strong>should<\/strong> not ignore it on dev environment and <strong>should<\/strong> really <em>really<\/em> <strong>REALLY<\/strong> not skip it for production. In fact, it can contain useful debug informations and security traces to see what is going on in your kubernetes cluster, and even on your whole server(s).<\/p>","category":["Kubernetes","Sysadmin","DevOps","Monitoring","Security","Kubernetes"]},{"title":"Setup cluster's authentication","link":"https:\/\/gerkin.dev\/en\/walkthroughs\/kubernetes\/07-authentication\/","pubDate":"Mon, 16 Nov 2020 02:35:47 +0100","guid":"https:\/\/gerkin.dev\/en\/walkthroughs\/kubernetes\/07-authentication\/","description":"<p>Here is a graph of the RBAC setup we are going to implement:<\/p>\n<p><img src=\".\/_assets\/schema.svg\" alt=\"RBAC\" \/><\/p>\n<h2 id=\"1-setup-keycloak\">1. Setup keycloak<\/h2>\n<p>We&rsquo;ll use keycloak to proxy our authentication for all monitors, using a single realm. You may use several realms in real-life situations. This is probably the tough part, and you may tweak heavily the following guide. Moreover, I may forgot to write some instructions, or somes are heavily linked to your very own setup.<\/p>","category":["Kubernetes","Sysadmin","DevOps","Web service","Security","Authentication","Kubernetes"]},{"title":"Administrate the cluster with authentication","link":"https:\/\/gerkin.dev\/en\/walkthroughs\/kubernetes\/08-kubernetes-user-management\/","pubDate":"Mon, 16 Nov 2020 02:35:47 +0100","guid":"https:\/\/gerkin.dev\/en\/walkthroughs\/kubernetes\/08-kubernetes-user-management\/","description":"<h2 id=\"create-the-realm-and-the-client\">Create the realm and the client<\/h2>\n<div class=\"expand\">\n<button type=\"button\" class=\"expand__button\" aria-label=\"Expand Button\">\n<span class=\"expand-icon expand-icon__right\">\n<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"24\" height=\"24\" viewBox=\"0 0 24 24\"><path fill=\"currentColor\" d=\"M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z\"\/><\/svg>\n<\/span>\nReferences\n<\/button>\n<div class=\"expand__content\">\n<ul>\n<li><a href=\"https:\/\/github.com\/zufardhiyaulhaq\/engineering-notes\/blob\/master\/notes\/kubernetes-keycloak-integration.md\" title=\"See on GitHub\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fab fa-github\"><\/i>&nbsp;<i>\nengineering-notes\/notes\/kubernetes-keycloak-integration.md at master \u00b7 zufardhiyaulhaq\/engineering-notes \u00b7 GitHub\n<\/i><\/a><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"highlight\"><div class=\"chroma\">\n<table class=\"lntable\"><tr><td class=\"lntd\">\n<pre tabindex=\"0\" class=\"chroma\"><code><span class=\"lnt\"> 1\n<\/span><span class=\"lnt\"> 2\n<\/span><span class=\"lnt\"> 3\n<\/span><span class=\"lnt\"> 4\n<\/span><span class=\"lnt\"> 5\n<\/span><span class=\"lnt\"> 6\n<\/span><span class=\"lnt\"> 7\n<\/span><span class=\"lnt\"> 8\n<\/span><span class=\"lnt\"> 9\n<\/span><span class=\"lnt\">10\n<\/span><span class=\"lnt\">11\n<\/span><span class=\"lnt\">12\n<\/span><span class=\"lnt\">13\n<\/span><span class=\"lnt\">14\n<\/span><span class=\"lnt\">15\n<\/span><span class=\"lnt\">16\n<\/span><\/code><\/pre><\/td>\n<td class=\"lntd\">\n<pre tabindex=\"0\" class=\"chroma\"><code class=\"language-sh\" data-lang=\"sh\"><span class=\"line\"><span class=\"cl\"><span class=\"nv\">REALM_URL<\/span><span class=\"o\">=<\/span><span class=\"s2\">&#34;https:\/\/keycloak.{{cluster.baseHostName}}\/auth\/realms\/{{apiServer.realmName}}&#34;<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># Log in<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nv\">TOKEN_RESPONSE<\/span><span class=\"o\">=<\/span><span class=\"s2\">&#34;<\/span><span class=\"k\">$(<\/span>curl <span class=\"se\">\\ <\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"> -d <span class=\"s2\">&#34;grant_type=password&#34;<\/span> <span class=\"se\">\\ <\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"> -d <span class=\"s2\">&#34;client_id={{apiServer.clientId}}&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -d <span class=\"s2\">&#34;client_secret={{apiServer.clientSecret}}&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -d <span class=\"s2\">&#34;username=admin-user&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -d <span class=\"s2\">&#34;password=admin-user&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> <span class=\"nv\">$REALM_URL<\/span>\/protocol\/openid-connect\/token<span class=\"k\">)<\/span><span class=\"s2\">&#34;<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># Extract the access token<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nv\">ACCESS_TOKEN<\/span><span class=\"o\">=<\/span><span class=\"s2\">&#34;<\/span><span class=\"k\">$(<\/span><span class=\"nb\">echo<\/span> <span class=\"s2\">&#34;<\/span><span class=\"nv\">$TOKEN_RESPONSE<\/span><span class=\"s2\">&#34;<\/span> <span class=\"p\">|<\/span> jq <span class=\"s1\">&#39;.access_token&#39;<\/span> -r<span class=\"k\">)<\/span><span class=\"s2\">&#34;<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># Check token<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">curl <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> --user <span class=\"s2\">&#34;{{apiServer.clientId}}:{{apiServer.clientSecret}}&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -d <span class=\"s2\">&#34;token=<\/span><span class=\"nv\">$ACCESS_TOKEN<\/span><span class=\"s2\">&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> <span class=\"nv\">$REALM_URL<\/span>\/protocol\/openid-connect\/token\/introspect -k\n<\/span><\/span><\/code><\/pre><\/td><\/tr><\/table>\n<\/div>\n<\/div><h2 id=\"set-up-certificates\">Set up certificates<\/h2>\n<div class=\"expand\">\n<button type=\"button\" class=\"expand__button\" aria-label=\"Expand Button\">\n<span class=\"expand-icon expand-icon__right\">\n<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"24\" height=\"24\" viewBox=\"0 0 24 24\"><path fill=\"currentColor\" d=\"M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z\"\/><\/svg>\n<\/span>\nReferences\n<\/button>\n<div class=\"expand__content\">\n<ul>\n<li><a href=\"https:\/\/medium.com\/@zufardhiyaulhaq\/kubernetes-authentication-with-keycloak-openid-connect-part-1-14f4e778b5e9#5252\" title=\"See on medium.com\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fas fa-external-link-alt\"><\/i>&nbsp;<i>\n<\/i><\/a><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<h3 id=\"generate-the-certificates\">Generate the certificates<\/h3>\n<div class=\"expand\">\n<button type=\"button\" class=\"expand__button\" aria-label=\"Expand Button\">\n<span class=\"expand-icon expand-icon__right\">\n<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"24\" height=\"24\" viewBox=\"0 0 24 24\"><path fill=\"currentColor\" d=\"M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z\"\/><\/svg>\n<\/span>\nReferences\n<\/button>\n<div class=\"expand__content\">\n<ul>\n<li><a href=\"https:\/\/en.wikipedia.org\/wiki\/List_of_ISO_3166_country_codes\" title=\"See on wikipedia\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fab fa-wikipedia-w\"><\/i>&nbsp;<i>\nList of ISO 3166 country codes - Wikipedia\n<\/i><\/a><\/li>\n<li><a href=\"https:\/\/security.stackexchange.com\/a\/159537\" title=\"See on security.stackexchange.com\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fab fa-stack-exchange\"><\/i>&nbsp;<i>\n<\/i><\/a><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"highlight\"><div class=\"chroma\">\n<table class=\"lntable\"><tr><td class=\"lntd\">\n<pre tabindex=\"0\" class=\"chroma\"><code><span class=\"lnt\"> 1\n<\/span><span class=\"lnt\"> 2\n<\/span><span class=\"lnt\"> 3\n<\/span><span class=\"lnt\"> 4\n<\/span><span class=\"lnt\"> 5\n<\/span><span class=\"lnt\"> 6\n<\/span><span class=\"lnt\"> 7\n<\/span><span class=\"lnt\"> 8\n<\/span><span class=\"lnt\"> 9\n<\/span><span class=\"lnt\">10\n<\/span><span class=\"lnt\">11\n<\/span><span class=\"lnt\">12\n<\/span><span class=\"lnt\">13\n<\/span><span class=\"lnt\">14\n<\/span><span class=\"lnt\">15\n<\/span><span class=\"lnt\">16\n<\/span><span class=\"lnt\">17\n<\/span><span class=\"lnt\">18\n<\/span><span class=\"lnt\">19\n<\/span><span class=\"lnt\">20\n<\/span><span class=\"lnt\">21\n<\/span><span class=\"lnt\">22\n<\/span><span class=\"lnt\">23\n<\/span><span class=\"lnt\">24\n<\/span><span class=\"lnt\">25\n<\/span><span class=\"lnt\">26\n<\/span><span class=\"lnt\">27\n<\/span><\/code><\/pre><\/td>\n<td class=\"lntd\">\n<pre tabindex=\"0\" class=\"chroma\"><code class=\"language-sh\" data-lang=\"sh\"><span class=\"line\"><span class=\"cl\">mkdir certs\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">cd<\/span> certs\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># CA part (Certificate Authority)<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># Generate the CA (Certificate Authority) private key<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">openssl genrsa -out ca.key <span class=\"m\">2048<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># Generate the CA (Certificate Authority) certificate<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">openssl req -new -x509 <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -subj <span class=\"s2\">&#34;\/C={{countryCodeIso3166_1_alpha_2}}\/ST={{State}}\/O={{companyName}}\/CN={{cluster.baseHostName}}&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -addext <span class=\"s2\">&#34;subjectAltName = DNS:{{cluster.baseHostName}}&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -key ca.key -out ca.crt\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># # Import the CA (Certificate Authority) in the truststore, so that certificates signed by our authority are considered as trusted<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># keytool -import -file ca.crt -keystore ca.truststore -keypass PASSWORD -storepass PASSWORD<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># Keycloak part<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># Generate the keycloak&#39;s private key<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">openssl genrsa -out keycloak.key <span class=\"m\">2048<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># Generate the keycloak&#39;s CSR (Certificate Signing Request)<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">openssl req -new <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -subj <span class=\"s2\">&#34;\/C={{countryCodeIso3166_1_alpha_2}}\/ST={{State}}\/O={{companyName}}\/CN=kube-keycloak.{{cluster.baseHostName}}&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -addext <span class=\"s2\">&#34;subjectAltName = DNS:kube-keycloak.{{cluster.baseHostName}}&#34;<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -key keycloak.key -out keycloak.csr\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"c1\"># Sign the CSR using our custom CA<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">openssl x509 -req <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -days <span class=\"m\">3650<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -extfile &lt;<span class=\"o\">(<\/span><span class=\"nb\">printf<\/span> <span class=\"s2\">&#34;subjectAltName=DNS:kube-keycloak.{{cluster.baseHostName}}&#34;<\/span><span class=\"o\">)<\/span> <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -CA ca.crt -CAkey ca.key <span class=\"se\">\\\n<\/span><\/span><\/span><span class=\"line\"><span class=\"cl\"> -in keycloak.csr -out keycloak.crt\n<\/span><\/span><\/code><\/pre><\/td><\/tr><\/table>\n<\/div>\n<\/div><p>Finally, inspect your keycloak&rsquo;s certificate.<\/p>","category":["Kubernetes","Sysadmin","DevOps","Security","Authentication","Kubernetes"]},{"title":"Protect monitoring with authentication","link":"https:\/\/gerkin.dev\/en\/walkthroughs\/kubernetes\/09-safe-monitoring\/","pubDate":"Mon, 16 Nov 2020 02:35:47 +0100","guid":"https:\/\/gerkin.dev\/en\/walkthroughs\/kubernetes\/09-safe-monitoring\/","description":"<p>Now that we have our authentication service up and running, we can protect our dashboards installed in the step <a href=\"..\/06-monitoring\" title=\"See on this blog\"><i class=\"fas fa-link\"><\/i>&nbsp;06 - Monitoring: See what is going on<\/a> using our <em>Keycloak<\/em> OpenID Connect provider. Here is a diagram on how authorization will be managed:<\/p>\n<p><img src=\".\/_assets\/schema.svg\" alt=\"Authorization graph\" \/><\/p>\n<h2 id=\"traefik-dashboard\">Traefik dashboard<\/h2>\n<p>TODO<\/p>\n<h2 id=\"kibana\">Kibana<\/h2>\n<p>TODO<\/p>\n<h2 id=\"kube-dashboard\">Kube dashboard<\/h2>\n<div class=\"expand\">\n<button type=\"button\" class=\"expand__button\" aria-label=\"Expand Button\">\n<span class=\"expand-icon expand-icon__right\">\n<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"24\" height=\"24\" viewBox=\"0 0 24 24\"><path fill=\"currentColor\" d=\"M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z\"\/><\/svg>\n<\/span>\nReferences\n<\/button>\n<div class=\"expand__content\">\n<ul>\n<li><a href=\"https:\/\/itnext.io\/protect-kubernetes-dashboard-with-openid-connect-104b9e75e39c\" title=\"See on itnext.io\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fas fa-external-link-alt\"><\/i>&nbsp;<i>\n<\/i><\/a><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<p>Again, we are going to set up a new instance of <a href=\"https:\/\/github.com\/louketo\/louketo-proxy\" title=\"See on GitHub\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fab fa-github\"><\/i>&nbsp;<em>louketo-proxy<\/em><\/a>.<\/p>","category":["Kubernetes","Sysadmin","DevOps","Web service","Security","Authentication","Kubernetes"]},{"title":"CentOS8 Firewalld Tips","link":"https:\/\/gerkin.dev\/en\/blog\/centos8-firewalld-tips\/","pubDate":"Tue, 02 Feb 2021 00:16:48 +0100","guid":"https:\/\/gerkin.dev\/en\/blog\/centos8-firewalld-tips\/","description":"<p>When configuring firewall rules to be as strict as required, you may have some troubles understanding why something you thought was allowed is, actually, not. And to track down this kind of issues, some logs might help. Here is a small copy-pasta to enable <code>firewalld<\/code> logging.<\/p>\n<h2 id=\"enable-access-denied\">Enable &ldquo;<em>Access Denied<\/em>&rdquo;<\/h2>\n<div class=\"expand\">\n<button type=\"button\" class=\"expand__button\" aria-label=\"Expand Button\">\n<span class=\"expand-icon expand-icon__right\">\n<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"24\" height=\"24\" viewBox=\"0 0 24 24\"><path fill=\"currentColor\" d=\"M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z\"\/><\/svg>\n<\/span>\nReferences\n<\/button>\n<div class=\"expand__content\">\n<ul>\n<li><a href=\"https:\/\/www.cyberciti.biz\/faq\/enable-firewalld-logging-for-denied-packets-on-linux\/\" title=\"See on www.cyberciti.biz\" target=\"_blank\" rel=\"noopener noreferrer\"><i class=\"fas fa-external-link-alt\"><\/i>&nbsp;How to enable firewalld logging for denied packets on Linux<\/a><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<p><code>firewalld<\/code> can log events to <code>rsyslog<\/code>, the events journal in most linux distribution. This can be enable either at runtime (that won&rsquo;t persist across service restarts) or by configuration to keep it enabled for longer periods.<\/p>","category":["Firewall","Security","Sysadmin","Troubleshooting"]}]}}