Admin Notes
Updated 14 Apr 2025
Linux - File Access Policy
Stop the service before running fapolicyd in the foreground with a debug flag.
systemctl stop fapolicyd
Log everything fapolicyd is doing. Still blocks applications.
fapolicyd --debug 2> fapolicy_debug.txt
Only log things that get denied.
fapolicyd --debug-deny 2> fapolicy_debug.txt
Allow applications to run but log what the deny rules would have blocked.
fapolicyd --debug-deny --permissive 2> fapolicy_debug.txt
List rules
fapolicyd-cli --list
Modify fapolicyd configuration (fapolicyd.conf) and trust list (fapolicyd.trust)
vi /etc/fapolicyd/fapolicyd.conf
vi /etc/fapolicyd/fapolicyd.trust
systemctl restart fapolicyd
Default log location
/var/log/fapolicyd-access.log
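Added example, not part of the original notes: a shell function that groups the deny decisions in a capture such as fapolicy_debug.txt, so the blocked paths can be reviewed before any rule or trust change. It assumes each decision is one line of space-separated key=value fields (rule=, dec=, perm=, exe=, path=, ftype=, trust=); the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: count deny decisions in a fapolicyd debug capture,
# grouped by rule, subject (exe) and object (path).
# Assumption: one decision per line, space-separated key=value fields.
# Paths containing spaces are not handled.

summarize_denies() {   # $1 = capture file, e.g. fapolicy_debug.txt
    LC_ALL=C awk '
    {
        split("", f)                      # reset fields for this line
        for (i = 1; i <= NF; i++) {
            eq = index($i, "=")           # split on the first "=" only
            if (eq > 1) f[substr($i, 1, eq - 1)] = substr($i, eq + 1)
        }
        if (f["dec"] !~ /^deny/) next     # keep deny, deny_audit, ...
        key = "rule=" f["rule"] " perm=" f["perm"] " exe=" f["exe"] \
              " path=" f["path"] " ftype=" f["ftype"] " trust=" f["trust"]
        n[key]++
    }
    END { for (k in n) print n[k], k }
    ' "$1" | LC_ALL=C sort -k1,1nr -k2    # most frequent first
}

sample_capture() {     # constructed sample lines, not real output
    cat <<'EOF'
rule=3 dec=allow perm=open auid=1000 pid=4101 exe=/usr/bin/bash : path=/usr/bin/ls ftype=application/x-executable trust=1
rule=13 dec=deny_audit perm=execute auid=1000 pid=4102 exe=/usr/bin/bash : path=/tmp/ls ftype=application/x-executable trust=0
rule=13 dec=deny_audit perm=execute auid=1000 pid=4107 exe=/usr/bin/bash : path=/tmp/ls ftype=application/x-executable trust=0
rule=12 dec=deny_audit perm=open auid=1000 pid=4110 exe=/usr/bin/python3.9 : path=/home/user/tool.py ftype=text/x-python trust=0
EOF
}

# Demo: summarize the file given as $1, or the constructed sample if none.
if [ -n "${1:-}" ]; then
    summarize_denies "$1"
else
    tmp=$(mktemp) && sample_capture > "$tmp" && summarize_denies "$tmp"
    rm -f "$tmp"
fi
```

The rule= number in each output line is the number fapolicyd printed for the matching rule; compare it against the fapolicyd-cli --list output.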
Linux - Firewall
Allow traffic but log denied packets.
vi /etc/firewalld/firewalld.conf
Set: LogDenied=all
systemctl restart firewalld.service
Default log location:
/var/log/firewalld
View denied packets: journalctl -x -e
Open a port in the runtime configuration (not kept across a firewalld reload or restart)
sudo firewall-cmd --zone=public --add-port=80/tcp
List ports and services
sudo firewall-cmd --list-services
sudo firewall-cmd --list-ports