Re: [CentOS] firewalld being stupid

Em 17-11-2015 01:26, Dennis Jacobfeuerborn escreveu: On 16.11.2015 22:58, Gordon Messmer wrote: On 11/16/2015 01:39 PM, Nick Bright wrote: This is very frustrating, and not obvious. If --permanent doesn't work for a command, then it should give an error - not silently fail without doing

Re: [CentOS] firewalld being stupid

On 17.11.2015 15:18, James B. Byrne wrote: > > On Mon, November 16, 2015 16:39, Nick Bright wrote: >> On 11/6/2015 3:58 PM, James Hogarth wrote: >>> I have a couple of relevant articles you may be interested in ... >>> >>> On assigning the zone via NM: >>> https://www.hogarthuk.com/?q=node/8 >>>

Re: [CentOS] firewalld being stupid

On Mon, November 16, 2015 16:39, Nick Bright wrote: > On 11/6/2015 3:58 PM, James Hogarth wrote: >> I have a couple of relevant articles you may be interested in ... >> >> On assigning the zone via NM: >> https://www.hogarthuk.com/?q=node/8 >> >> Look down to the "Specifying a particular firewall

Re: [CentOS] firewalld being stupid

On Tue, Nov 17, 2015 at 09:18:22AM -0500, James B. Byrne wrote: > This behaviour is congruent with SELinux. One utility adjusts the > permanent configuration, the one that will be applied at startup. > Another changes the current running environment without altering the > startup config. From a

Re: [CentOS] firewalld being stupid

On Nov 17, 2015 12:11 PM, wrote: > tell me progress, and final result. You'd think they were an old New > Englander. > > mark, ayu' _ Totally hilarious. Thanks for making my day. Mike ___

Re: [CentOS] firewalld being stupid

On 11/16/2015 3:58 PM, Gordon Messmer wrote: On 11/16/2015 01:39 PM, Nick Bright wrote: This is very frustrating, and not obvious. If --permanent doesn't work for a command, then it should give an error - not silently fail without doing anything! But --permanent *did* work. No, it didn't.

Re: [CentOS] firewalld being stupid

On 17.11.2015 17:51, m.r...@5-cent.us wrote: > Nick Bright wrote: >> On 11/17/2015 8:18 AM, James B. Byrne wrote: >>> This behaviour is congruent with SELinux. One utility adjusts the >>> permanent configuration, the one that will be applied at startup. >>> Another changes the current running

Re: [CentOS] firewalld being stupid

On 11/17/2015 8:18 AM, James B. Byrne wrote: This behaviour is congruent with SELinux. One utility adjusts the permanent configuration, the one that will be applied at startup. Another changes the current running environment without altering the startup config. From a sysadmin point of view

Re: [CentOS] firewalld being stupid

Nick Bright wrote: > On 11/17/2015 8:18 AM, James B. Byrne wrote: >> This behaviour is congruent with SELinux. One utility adjusts the >> permanent configuration, the one that will be applied at startup. >> Another changes the current running environment without altering the >> startup config.

Re: [CentOS] firewalld being stupid

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 17/11/15 17:29, Dennis Jacobfeuerborn wrote: > On 17.11.2015 17:51, m.r...@5-cent.us wrote: >> Nick Bright wrote: >>> On 11/17/2015 8:18 AM, James B. Byrne wrote: This behaviour is congruent with SELinux. One utility adjusts the

Re: [CentOS] firewalld being stupid

J Martin Rushton wrote: > On 17/11/15 17:29, Dennis Jacobfeuerborn wrote: >> On 17.11.2015 17:51, m.r...@5-cent.us wrote: >>> Nick Bright wrote: On 11/17/2015 8:18 AM, James B. Byrne wrote: > This behaviour is congruent with SELinux. One utility adjusts > the permanent configuration,

Re: [CentOS] firewalld being stupid

On 11/6/2015 3:58 PM, James Hogarth wrote: I have a couple of relevant articles you may be interested in ... On assigning the zone via NM: https://www.hogarthuk.com/?q=node/8 Look down to the "Specifying a particular firewall zone" bit ... remember that if you edit the files rather than using

Re: [CentOS] firewalld being stupid

On 11/16/2015 01:39 PM, Nick Bright wrote: This is very frustrating, and not obvious. If --permanent doesn't work for a command, then it should give an error - not silently fail without doing anything! But --permanent *did* work. What you're seeing is the documented behavior:

Re: [CentOS] firewalld being stupid

https://bugzilla.redhat.com/show_bug.cgi?id=1112742 -- Ian Pilcher arequip...@gmail.com "I grew up before Mark Zuckerberg invented friendship"

Re: [CentOS] firewalld being stupid

On 16.11.2015 22:58, Gordon Messmer wrote: > On 11/16/2015 01:39 PM, Nick Bright wrote: >> This is very frustrating, and not obvious. If --permanent doesn't work >> for a command, then it should give an error - not silently fail >> without doing anything! > > But --permanent *did* work. > >

[CentOS] firewalld being stupid

Greetings, One of my biggest frustrations with CentOS 7 has been firewalld. Essentially all of the documentation just flat doesn't work. One common thing that needs to be done is to change the zone of an interface, however I've tried: firewall-cmd --permanent --zone=internal

Re: [CentOS] firewalld being stupid

On 11/6/2015 1:31 PM, Nick Bright wrote: One of my biggest frustrations with CentOS 7 has been firewalld. Essentially all of the documentation just flat doesn't work. One common thing that needs to be done is to change the zone of an interface, however I've tried: firewall-cmd --permanent

Re: [CentOS] firewalld being stupid

On Nov 6, 2015 3:31 PM, "Nick Bright" wrote: > > Greetings, > > One of my biggest frustrations with CentOS 7 has been firewalld. > > Essentially all of the documentation just flat doesn't work. > > One common thing that needs to be done is to change the zone of an

Re: [CentOS] firewalld being stupid

On 6 November 2015 at 21:49, Pete Travis wrote: > On Nov 6, 2015 3:31 PM, "Nick Bright" wrote: >> >> Greetings, >> >> One of my biggest frustrations with CentOS 7 has been firewalld. >> >> Essentially all of the documentation just flat doesn't work.