For simple ports etc I am using service xml files For our previous iptables rules. I am using /etc/firewalld/direct.xml check out man firewalld.direct.
Grant Williamson wrote:
For simple ports etc I am using service xml files For our previous iptables rules. I am using /etc/firewalld/direct.xml check out man firewalld.direct.
Wow, not sure how I missed this email.
Ok, so it looks like the majority of what I would want to do belongs in the direct.xml file. Which also means it would be less dynamic than what I have now since I'd have to craft a direct.xml file for each machine... So it sounds like firewalld isn't quite ready for what I have in mind. I'll keep poking at it, but it looks like I need to stick with raw iptables for now.
Thanks for the info.
firewalld-users@lists.fedorahosted.org