Firewall

firewalld and network interfaces

I have to say, firewalld and firewalld-cmd really sucks. But, since it's the default on a bunch of installations I use, and I try to "drink the koolaid", I've had the misfortune to try to set it up. Now, it mostly works, except when it doesn't, and then it really fails hard. Case in point, I wanted to reassign some network interfaces to a different zone, and naïvely thought that e.g. this would work:

$ sudo firewall-cmd --permanent --zone=public --remove-interface=eth2
$ sudo firewall-cmd --permanent --zone=internal --add-interface=eth2

 

Yeah, not so much ... What does instead work is adding lines like this to /etc/sysconfig/network-scripts/ifcfg-eth2:

ZONE=internal

WTF?

Hacking: 

Subscribe to RSS - Firewall