Skip to content

Configuring the firewall

Configuring the firewall

Configure the firewall for your automotive operating system (OS) image.

Prerequisites

  • A custom OS image manifest that has network configurations, such as the one you used in Configuring networking

Procedure

  1. Add SSH packages to your manifest:

    console title="SSH RPM packages for firewall support" --8<-- "demos/firewall/firewall.mpp.yml:1:7"

  2. Add the firewalld package:

    console title="Firewall RPM package" --8<-- "demos/firewall/firewall.mpp.yml:35:39"

  3. Configure the firewall with SSH root access:

    console title="Example firewall, SSH, and port configuration" --8<-- "demos/firewall/firewall.mpp.yml:43:56"

  4. Enable firewall and SSH services to run through systemd:

    console title="Firewall and SSH services managed by systemd" --8<-- "demos/firewall/firewall.mpp.yml:58:63"

Next steps
  1. Configure interprocess communications (IPCs) between your ASIL and QM containers and across partitions.
  2. Encrypt your filesystem.
  3. Enable BlueChi orchestration.
  4. Build your automotive OS image with kernel-automotive or your custom kernel.