firewall-cmd - rich-rule - permanent configuration
by poma
Hi,
# firewall-cmd --version
0.3.3
<Runtime Configuration>
# firewall-cmd --list-rich-rules
# firewall-cmd --add-rich-rule='rule forward-port port="2222"
to-port="22" to-addr="192.168.100.2" protocol="tcp" family="ipv4" source
address="192.168.2.100"'
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# firewall-cmd --remove-rich-rule='rule forward-port port="2222"
to-port="22" to-addr="192.168.100.2" protocol="tcp" family="ipv4" source
address="192.168.2.100"'
# firewall-cmd --list-rich-rules
# firewall-cmd --add-rich-rule='rule forward-port port="2222"
to-port="22" to-addr="192.168.100.2" protocol="tcp" family="ipv4" source
address="192.168.2.100"'
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# firewall-cmd --reload
# firewall-cmd --list-rich-rules
<\Runtime Configuration>
Runtime Configuration - OK.
<Permanent Configuration>
# firewall-cmd --list-rich-rules
# firewall-cmd --permanent --add-rich-rule='rule forward-port
port="2222" to-port="22" to-addr="192.168.100.2" protocol="tcp"
family="ipv4" source address="192.168.2.100"'
# firewall-cmd --list-rich-rules
# firewall-cmd --reload
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# firewall-cmd --permanent --remove-rich-rule='rule forward-port
port="2222" to-port="22" to-addr="192.168.100.2" protocol="tcp"
family="ipv4" source address="192.168.2.100"'
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# firewall-cmd --reload
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# /etc/firewalld/zones/public.xml
<?xml version="1.0" encoding="utf-8"?>
<zone>
<short>Public</short>
…
<rule family="ipv4">
<source address="192.168.2.100"/>
<forward-port to-addr="192.168.100.2" to-port="22" protocol="tcp"
port="2222"/>
</rule>
</zone>
# Oops! It's still here. :)
<\Permanent Configuration>
Permanent Configuration - Is it a bug or a feature?
poma
10 years, 4 months
RFE: ability to specify the source port
by Sergio Villar Senin
Hi,
I have recently started a discussion in firewalld-users:
https://lists.fedorahosted.org/pipermail/firewalld-users/2013-September/0...
and the outcome was that apparently there is no way in firewalld to
specify the source port for a specific service, rule, etc... Everytime
the documentation mentions <port> it always means the destination port
(--dport in iptables).
I was wondering if there are any plans to add some syntactic sugar to
either firewalld-cmd or to the rich language to allow users to specify
the source port (--sport in iptables).
BR
10 years, 6 months
[PATCH] Fix warning of deprecated MainLoop
by Christopher Meng
Hi,
Today when I ran this program I found something noisy in the terminal:
[rpmaker@fab Desktop]$ firewall-config
firewall-config.py:813: PyGIDeprecationWarning: MainLoop is
deprecated; use GLib.MainLoop instead
self.mainloop = GObject.MainLoop()
So I send this patch to you to solve this problem.
Please take a look at the attachment area.
Thank you.
Yours sincerely,
Christopher Meng
Always playing in Fedora Project
http://cicku.me
10 years, 6 months
How to send patch?
by Christopher Meng
Hi,
I have a patch for firewalld-config, very small.
Can I fork the repo and send a pull request?(No howto?)
Or send patch here?
Thanks.
Yours sincerely,
Christopher Meng
Always playing in Fedora Project
http://cicku.me
10 years, 6 months