On 1/28/19 6:06 PM, Patrick O'Callaghan wrote:
On Mon, 2019-01-28 at 08:20 +0800, Ed Greshko wrote:
[egreshko@meimei .ssh]$ sudo firewall-cmd --info-zone=public public (active) target: default icmp-block-inversion: no interfaces: enp2s0 vnet0 wlp4s0 sources: services: dhcpv6-client dns kde-connect mdns ssh ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
Nothing to remark on there I think. I have some extra ports and services enabled but that's to be expected.
I was noting the difference between yours...
interfaces: enp3s0 p3p1 virbr0 virbr0-nic
and mine
interfaces: enp2s0 vnet0 wlp4s0
Surely you must have virbr0? Not sure where virbr0-nic comes from but I assume it's created by libvirt.
Sure,
4: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 52:54:00:9a:e8:49 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever
but, it doesn't show up in results of the firewall-cmd
[root@meimei ~]# firewall-cmd --get-active-zones public interfaces: enp2s0 wlp4s0 vnet0
It does show in the firewall-applet as a connection "virbr0 (Default Zone: public)"
Actually, vnet0, wasn't even there initially until I manually added it to "public". Originally the line read
interfaces: enp2s0 wlp4s0
I've reverted to this condition.
Have you tried with the FW stopped?