Hi,
I installed a f23 server (fedora server only) and I configured 2 bridged interfaces. Now I allow forward traffic between br0 and br1:
[root@s ~]# firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i br0 -o br1 -j ACCEPT success [root@s ~]# firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i br1 -o br0 -j ACCEPT success [root@s ~]#
That is working well, as expected, but adding "--permanent" kills all forwarding. Is it a bug?
[root@s ~]# firewall-cmd --permanent --direct --remove-rule ipv4 filter FORWARD 0 -i br0 -o br1 -j ACCEPT success [root@s ~]# firewall-cmd --permanent --direct --remove-rule ipv4 filter FORWARD 0 -i br1 -o br0 -j ACCEPT success
C. Sava
On Fri, 2015-10-30 at 11:06 +0200, Cristian Sava wrote:
Hi,
I installed a f23 server (fedora server only) and I configured 2 bridged interfaces. Now I allow forward traffic between br0 and br1:
[root@s ~]# firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i br0 -o br1 -j ACCEPT success [root@s ~]# firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i br1 -o br0 -j ACCEPT success [root@s ~]#
That is working well, as expected, but adding "--permanent" kills all forwarding. Is it a bug?
[root@s ~]# firewall-cmd --permanent --direct --remove-rule ipv4 filter FORWARD 0 -i br0 -o br1 -j ACCEPT success [root@s ~]# firewall-cmd --permanent --direct --remove-rule ipv4 filter FORWARD 0 -i br1 -o br0 -j ACCEPT success
C. Sava
My bad, sorry, it is (not working): [root@s ~]# firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i br0 -o br1 -j ACCEPT success [root@s ~]# firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i br1 -o br0 -j ACCEPT success
C.Sava
On Fri, 2015-10-30 at 11:31 +0200, Cristian Sava wrote:
On Fri, 2015-10-30 at 11:06 +0200, Cristian Sava wrote:
Hi,
I installed a f23 server (fedora server only) and I configured 2 bridged interfaces. Now I allow forward traffic between br0 and br1:
[root@s ~]# firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i br0 -o br1 -j ACCEPT success [root@s ~]# firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i br1 -o br0 -j ACCEPT success [root@s ~]#
That is working well, as expected, but adding "--permanent" kills all forwarding. Is it a bug?
[root@s ~]# firewall-cmd --permanent --direct --remove-rule ipv4 filter FORWARD 0 -i br0 -o br1 -j ACCEPT success [root@s ~]# firewall-cmd --permanent --direct --remove-rule ipv4 filter FORWARD 0 -i br1 -o br0 -j ACCEPT success
C. Sava
My bad, sorry, it is (not working): [root@s ~]# firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i br0 -o br1 -j ACCEPT success [root@s ~]# firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i br1 -o br0 -j ACCEPT success
C.Sava
Sorry, it was a selinux problem here, now solved. Now it's working after restarting firewalld.