F23 Server firewall-cmd problem? (SOLVED)
Cristian Sava
csava at central.ucv.ro
Fri Oct 30 10:30:02 UTC 2015
On Fri, 2015-10-30 at 11:31 +0200, Cristian Sava wrote:
> On Fri, 2015-10-30 at 11:06 +0200, Cristian Sava wrote:
> > Hi,
> >
> > I installed a f23 server (fedora server only) and I configured 2
> > bridged interfaces.
> > Now I allow forward traffic between br0 and br1:
> >
> > [root at s ~]# firewall-cmd --direct --add-rule ipv4 filter FORWARD 0
> > -i
> > br0 -o br1 -j ACCEPT
> > success
> > [root at s ~]# firewall-cmd --direct --add-rule ipv4 filter FORWARD 0
> > -i
> > br1 -o br0 -j ACCEPT
> > success
> > [root at s ~]#
> >
> > That is working well, as expected, but adding "--permanent" kills
> > all
> > forwarding. Is it a bug?
> >
> > [root at s ~]# firewall-cmd --permanent --direct --remove-rule ipv4
> > filter
> > FORWARD 0 -i br0 -o br1 -j ACCEPT
> > success
> > [root at s ~]# firewall-cmd --permanent --direct --remove-rule ipv4
> > filter
> > FORWARD 0 -i br1 -o br0 -j ACCEPT
> > success
> >
> > C. Sava
> >
> My bad, sorry, it is (not working):
> [root at s ~]# firewall-cmd --permanent --direct --add-rule ipv4
> filter FORWARD 0 -i br0 -o br1 -j ACCEPT
> success
> [root at s ~]# firewall-cmd --permanent --direct --add-rule ipv4
> filter FORWARD 0 -i br1 -o br0 -j ACCEPT
> success
>
> C.Sava
>
Sorry, it was a selinux problem here, now solved.
Now it's working after restarting firewalld.
More information about the test
mailing list