3:19 p.m.
On Wed, 4 Apr 2012, Thomas Woerner wrote:
> I have been looking at firewalld in Fedora 17 in order to
understand how
> to convert an iptables command that I use in a script into a firewalld
> one. The iptables command that I'm using is:
> iptables -I INPUT -p udp -i $INTERFACE --dport 67 -j ACCEPT
>
> With firewalld-cmd I can do:
> firewall-cmd --add --port=67/udp
>
> But there doesn't seem to be a way for me to specify an interface as
> well? As in, I only want to open UDP port 67 on a specific network
> interface, not all interfaces.
>
Are you setting up interfaces by hand or are you using NetworkManager or the
network service?
I am setting up the interface by hand (using ifconfig).
Create a customized zone and use firewall-cmd to add th einterface to
the
zone: firewall-cmd --zone=<zone> --add --interface=<interface>
This seems to do what I was looking for, once I created an new zone xml file.
I didn't see a way to create a zone dynamically (e.g., using firewall-cmd). Is
this correct?
Thanks,
Scott
8:53 a.m.
New subject: FirewallD Rule for Port and Interface
On 04/29/2012 10:19 PM, Scott Talbert wrote:
On Wed, 4 Apr 2012, Thomas Woerner wrote:
> Are you setting up interfaces by hand or are you using NetworkManager
> or the network service?
I am setting up the interface by hand (using ifconfig).
> Create a customized zone and use firewall-cmd to add th einterface to
> the zone: firewall-cmd --zone=<zone> --add --interface=<interface>
This seems to do what I was looking for, once I created an new zone
xml file.
I didn't see a way to create a zone dynamically (e.g., using
firewall-cmd). Is this correct?
Yes, that's correct, with firewall-cmd one can do only run-time changes.
--
Jiri
4373
days inactive
4378
days old
firewalld-users@lists.fedorahosted.org
1 comments
2 participants
participants (2)
-
Jiri Popelka -
Scott Talbert