Here’s a quick recap on setting up your workstation for use at home.
You may find this useful if you want to:
- Stream audio from your iPhone to a CentOS/RHEL Linux PC
- Control Kodi media center on your CentOS/RHEL machine, using networked remote apps
Firewall at home?
It is worth applying good security practices even between machines on a trusted home network.
FirewallD, the default firewall for CentOS/RHEL, has a great concept of zones.
Sure, you can just assign a specific network interface to a zone, but this is error-prone.
Imagine what would happen if you assign your laptop’s Ethernet interface to a home zone, and then take it to an airport? Nothing good.
Thanks to NetworkManager, you can assign a specific network connection profile to the home zone.
So the important gotcha is that while you can assign a specific firewall zone to a network interface, the latter can have multiple connections (profiles) defined for it in NetworkManager.
NetworkManager has its own setting that determines which FirewallD zone each connection of the same interface is bound to. This is handy when you run RHEL 8 on a laptop and roam between home and work.
NetworkManager connections are easily understood as different profiles (settings) for the same interface.
By default, there is a 1:1 mapping between an interface and a profile: you have one profile for each interface, and its name matches the name of the interface, e.g. interface eno1 and connection name eno1.
Let’s fix this a bit and have the connection name reflect its physical location.
Say you’re at home now and using a wired network. Let’s rename the current connection profile eno1 to eno1-home:
nmcli connection modify eno1 connection.id eno1-home
The interface name itself stays the same, eno1.
Then bind this profile to the home FirewallD zone:
nmcli connection modify eno1-home connection.zone home
From then on, you can allow various services to be reached over the LAN on this workstation.
For example, the AirPlay service:
sudo firewall-cmd --zone=home --add-service=airplay-server --permanent
sudo firewall-cmd --zone=home --add-service=mdns --permanent # not really needed as this is the default for home zone
sudo firewall-cmd --reload
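To check what the binding above actually produced, this added example (not part of the original post) lists each NetworkManager profile with the FirewallD zone it resolves to, and flags profiles that have no zone of their own while the default zone is a LAN zone. The LAN_ZONES list, the status labels and the sample profiles eno1-work and AirportWiFi are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report the firewalld zone each NetworkManager profile resolves to.
# LAN_ZONES (zones treated as LAN-only) is an assumption of this example.
LAN_ZONES="home internal work trusted"

is_lan_zone() {
    case " $LAN_ZONES " in *" $1 "*) return 0 ;; esac
    return 1
}

# Reads "profile|interface|zone" lines on stdin; $1 is firewalld's default zone.
# Prints "STATUS profile interface effective-zone" for each profile.
classify_profiles() {
    while IFS='|' read -r cp_name cp_iface cp_zone; do
        [ -n "$cp_name" ] || continue
        if [ -n "$cp_zone" ]; then
            # Zone set on the profile: it follows the profile, not the interface.
            cp_eff=$cp_zone
            if is_lan_zone "$cp_zone"; then cp_status=LAN; else cp_status=OK; fi
        else
            # Empty connection.zone: firewalld applies its default zone.
            cp_eff=$1
            if is_lan_zone "$1"; then cp_status=RISK; else cp_status=OK; fi
        fi
        echo "$cp_status $cp_name ${cp_iface:--} $cp_eff"
    done
}

# Live data: one nmcli call per field keeps the parsing unambiguous.
collect_profiles() {
    nmcli -t -f UUID connection show | while read -r cp_uuid; do
        printf '%s|%s|%s\n' \
            "$(nmcli -g connection.id connection show "$cp_uuid")" \
            "$(nmcli -g connection.interface-name connection show "$cp_uuid")" \
            "$(nmcli -g connection.zone connection show "$cp_uuid")"
    done
}

# Constructed sample: two profiles on eno1, plus a Wi-Fi profile with no zone.
sample_profiles() {
    printf '%s\n' 'eno1-home|eno1|home' 'eno1-work|eno1|public' 'AirportWiFi|wlp2s0|'
}

if [ "${1:-}" = "--live" ]; then
    collect_profiles | classify_profiles "$(firewall-cmd --get-default-zone)"
else
    sample_profiles | classify_profiles public
fi
```

Run it with --live on the workstation to query nmcli and firewall-cmd instead of the constructed sample; a RISK line means a profile with no zone of its own would expose the LAN services wherever it connects.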
Streaming from CentOS/RHEL using DLNA
If you want to stream some media from your RHEL machine over DLNA, using software like Universal Media Streamer, open the related ports:
sudo firewall-cmd --zone=home --add-port=5001/tcp --permanent
sudo firewall-cmd --zone=home --add-port=1900/udp --permanent
sudo firewall-cmd --reload
Wake on LAN
nmcli c show eno1-home | grep wake
nmcli c modify eno1-home 802-3-ethernet.wake-on-lan magic