Enabling by MAC address
by Geoffrey Leach
First, let it be known that I am completely ignorant of the principles of operation of firewallD, and hope to remain so.
that said, I have a device (known to wok Silicon Dust HD Home Run) that is hard-wired to the ethernet port on another system. Installing Fedora 19 has interfered with this.
In order to open the firewall to this connection, I have followed the advice of
Michael Hannon (https://lists.fedoraproject.org/pipermail/users/2013-December/444034.html) and have constructed /etc/firewalld/direct.xml as follows:
<?xml version="1.0" encoding="utf-8"?>
<direct>
<passthrough ipv="ipv4">-t filter -A IN_internal_allow -m mac --mac-source 00:18:DD:01:4A:E7 j ACCEPT</passthrough>
</direct>
This did not suddenly fix the connection problem :-), but it would be nice to be able to validate this. Using firewall-cmd to reload firewalld resulted in no errors but what do I know?
So, the intended function of this code is to open the firewall to connections involving the device with MAC address 00:18:DD:01:4A:E7. Is that correct?
Should I be able to find this somewhere in the firewall-config menus?
Thanks.
9 years, 7 months
firewalld and kvm
by Rob Verduijn
Hello,
I was wondering if anybody could tell me how to set up firewalld together
with kvm.
For example a fedora 20 host running a centos6.5 guest.
The guest is using bridge0 which is connected to eth0.
What devices do I need to which zone.
Do the virtual devices like vnet1 and vnet2 need to be added to a zone ?
I keep running into walls here (firewalls to be precise), the only thing I
can find on this subject is 'switch back to iptables'.
But I would like to know how to fix this with firewalld.
Anybody who has any ideas on this ?
Cheers
Rob
9 years, 7 months