lamw
commented
1 year ago cron could be an option but you could also just use /etc/rc.local.d/local.sh and add the respective commands to do this at first boot
Closed robina80 closed 1 year ago
lamw
commented
1 year ago cron could be an option but you could also just use /etc/rc.local.d/local.sh and add the respective commands to do this at first boot
robina80
commented
1 year ago sorry @lamw what are the respective commands? sorry for the dumb question
lamw
commented
1 year ago Its referenced in the blog post that you linked :)
https://williamlam.com/2011/07/how-to-create-custom-firewall-rules-in.html
robina80
commented
1 year ago @lamw im looking at this other guide
https://kb.vmware.com/s/article/2008226
Note: This setting does not persist after a reboot. To make it persist, see Changing the port used by SSH on an ESXi 5.0 host (2011818). With ESXi 5.1.x, changes to the existing service.xml file is persistent after reboot.
i have highlighted in bold as i have esxi 6.7 will it still be persistent
lamw
commented
1 year ago Custom ESXi firewalls are NOT persistent across ALL versions, so that's not a new claim. This is the point of needing a VIB but what I suggested is that you CAN make it persistent by running the commands outlined in either KB or my blog, which runs at each bootup, thus giving you persistency, as if you were to run them manually. I recommend giving it a try :)
robina80
commented
1 year ago but @lamw if i do the below how to
https://kb.vmware.com/s/article/2008226
if i do this for 6.7 esxi will it be persistent for 6.7 as it says 5.1.x
sorry for the delay just busy, sorry
lamw
commented
1 year ago Please follow the blog post that I originally linked, that works across all ESXi versions.
robina80
commented
1 year ago @lamw you mean this one
https://williamlam.com/2011/07/how-to-create-custom-firewall-rules-in.html
as this is for ESXi 5.0 you say it will work for 6.7 and will it be persistent after a reboot
lamw
commented
1 year ago Yes. Can you please just try it and see for yourself
robina80
commented
1 year ago ok thanks, i dont see it on the web gui tho, should i?
robina80
commented
1 year ago ok my bad lol, its not a service, its a firewall rule, i see it on vcenter, i will reboot and let you know, thanks @lamw
hi all,
i have punched a hole in the esxi firewall to send emails following your guide @lamw but looking at your link
https://williamlam.com/2012/09/creating-custom-vibs-for-esxi-50-51.html
is there another way to make it persistent other than making a vib file, like making the xml like below
/etc/vmware/firewall/email.xml
and then making it persistent by adding it to a cron ie
@reboot /etc/vmware/firewall/email.xml
or something like that
thanks, rob