use different zones for IPv4 and IPv6 on the same interface
by Dick Marinus
At home I have a server running Fedora 25 which I'm using for routing my internet connection, mail server etc.
I'm using a sixxs IPv6 tunnel for IPv6 connectivity and I'm using a internet routed IPv6 subnet from sixxs on my home network.
Now the trouble starts;
I've configured an IPv6 address from the IPv6 subnet on my (home) network interface which is connected to my home network and I'd like to have different rules for internal and external hosts but this interface has zone "internal" for IPv4 and it should be labelled "external" for IPv6.
I've tried working around this by adding a rich rule to drop all IPv6 traffic from the zone public (this works) but I cannot add allow rules because the allow rules seem to be handled after the deny rules...
Whould it be possible to use different zones for IPv4 and IPv6 on the same interface? Is is possible to change the allow / deny order for the public zone?
If this isn't possible I guess I should add a VLAN for IPv6 to have different interfaces for IPv4/6
7 years, 2 months
firewall-config not functional on CentOS 7 KDE
by Emmett Culley
I am not able to select services to be allowed for any zone. None of the check boxes are checked, even though I know from looking into iptables (iptables -nvL), that some services are enabled. And clicking on any check box does not cause the box to be checked.
It seems I ran into this awhile ago as it is OK on two of my servers and I remember doing something to fix it. No amount of googling turns up the email thread I started on the centos mailing list.
Does anyone know that the issue is? Could it be related to GTK not always being compatible with QT?
Emmett
7 years, 2 months
Reintroduce Firewall GTK+ Applet
by poma
Current Firewall Applet - Qt5 based, has too many unnecessary dependencies.
For those using GTK+ based Desktop Environments there is a very elegant solution, reintroduction of the Firewall GTK+ Applet.
Not only that GKT+ based Applet works just as well as its Qt5 counterpart,
but it also provides genuine GTK+ Look and Feel within modern GTK+ Desktop.
Ref.
https://bugzilla.redhat.com/show_bug.cgi?id=1404328
7 years, 3 months