Skip to main content

Configuring the firewall

Configure the firewall for your automotive operating system (OS) image.

Prerequisites

  • A custom OS image manifest that has network configurations, such as the one you used in Configuring networking

Procedure

  1. Add SSH packages to your manifest:

    SSH RPM packages for firewall support
    --8<-- "demos/firewall/firewall.mpp.yml:1:7"

  2. Add the firewalld package:

    Firewall RPM package
    --8<-- "demos/firewall/firewall.mpp.yml:35:39"

  3. Configure the firewall with SSH root access:

    Example firewall, SSH, and port configuration
    --8<-- "demos/firewall/firewall.mpp.yml:43:56"

  4. Enable firewall and SSH services to run through systemd:

    Firewall and SSH services managed by systemd
    --8<-- "demos/firewall/firewall.mpp.yml:58:63"

Next steps

  1. Configure interprocess communications (IPCs) between your ASIL and QM containers and across partitions.
  2. Encrypt your filesystem.
  3. Enable BlueChi orchestration.
  4. Build your automotive OS image with kernel-automotive or your custom kernel.