firewall-cmd - rich-rule - permanent configuration
by poma
Hi,
# firewall-cmd --version
0.3.3
<Runtime Configuration>
# firewall-cmd --list-rich-rules
# firewall-cmd --add-rich-rule='rule forward-port port="2222"
to-port="22" to-addr="192.168.100.2" protocol="tcp" family="ipv4" source
address="192.168.2.100"'
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# firewall-cmd --remove-rich-rule='rule forward-port port="2222"
to-port="22" to-addr="192.168.100.2" protocol="tcp" family="ipv4" source
address="192.168.2.100"'
# firewall-cmd --list-rich-rules
# firewall-cmd --add-rich-rule='rule forward-port port="2222"
to-port="22" to-addr="192.168.100.2" protocol="tcp" family="ipv4" source
address="192.168.2.100"'
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# firewall-cmd --reload
# firewall-cmd --list-rich-rules
<\Runtime Configuration>
Runtime Configuration - OK.
<Permanent Configuration>
# firewall-cmd --list-rich-rules
# firewall-cmd --permanent --add-rich-rule='rule forward-port
port="2222" to-port="22" to-addr="192.168.100.2" protocol="tcp"
family="ipv4" source address="192.168.2.100"'
# firewall-cmd --list-rich-rules
# firewall-cmd --reload
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# firewall-cmd --permanent --remove-rich-rule='rule forward-port
port="2222" to-port="22" to-addr="192.168.100.2" protocol="tcp"
family="ipv4" source address="192.168.2.100"'
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# firewall-cmd --reload
# firewall-cmd --list-rich-rules
rule family="ipv4" source address="192.168.2.100" forward-port
port="2222" protocol="tcp" to-port="22" to-addr="192.168.100.2"
# /etc/firewalld/zones/public.xml
<?xml version="1.0" encoding="utf-8"?>
<zone>
<short>Public</short>
…
<rule family="ipv4">
<source address="192.168.2.100"/>
<forward-port to-addr="192.168.100.2" to-port="22" protocol="tcp"
port="2222"/>
</rule>
</zone>
# Oops! It's still here. :)
<\Permanent Configuration>
Permanent Configuration - Is it a bug or a feature?
poma
10 years, 4 months
0.3.7 has just been released
by Jiri Popelka
Hi all,
https://fedorahosted.org/released/firewalld/firewalld-0.3.7.tar.bz2
Changelog says:
- updated translations
- Don't fail on missing ip[6]tables/ebtables table. (RHBZ#967376)
- bash-completion: --permanent --direct options
- firewall/core/fw.py: fix checking for iptables & ip6tables (RHBZ#1017087)
- firewall-cmd: use client's exception_handler instead of catching
exceptions ourselves
- FirewallClientZoneSettings: fix {add|remove|query}RichRule()
- Extend amanda-client service with 10080/tcp (RHBZ#1016867)
- Simplify Rich_Rule()_lexer() by using functions.splitArgs()
- Fix encoding problems in exception handling (RHBZ#1015941)
Enjoy.
--
Jiri
10 years, 6 months
[PATCH] Fix minor typo in message: permanet->permanent
by Yuri Chornoivan
Hi,
Attached is a minor typo fix. Thanks for reviewing it.
Best regards,
Yuri
P.S. It is sad to see that some developers give no time for translators to
translate the released versions of their applications. ;)
10 years, 6 months
