I'm still learning firewalld obviously, and I am having trouble grokking
the documentation to understand how to do this.
I know I could do an iptables direct, but that doesn't seem like the
"right" way to do it.
What I'm trying to do is allow a specific service, only for a specific ip.
On 11/17/2015 11:12 AM, Nick Bright wrote:
firewall-cmd --zone=monitoring --add-source=1.2.3.4/32
firewall-cmd --zone=monitoring --add-service=snmp
firewall-cmd --zone=monitoring --add-interface=ens192
firewall-cmd --runtime-to-permanent
I went ahead and tried this and found that the zone and
However, at the end
> firewall-cmd --zone=monitoring --add-interface=ens192
>
> This results in a zone conflict. I'm not sure if it's even possible to
> have two zones on the interface.
>
> Hi Nick,
I don't believe an interface can belong to multiple zones.
Instead I think you want a rich rule,
On 11/17/2015 1:20 PM, James Hogarth wrote:
A zone applies to a source network or interface.
Have a flick through:
https://www.hogarthuk.com/?q=node/9
Surprised SNMP isn't already defined as a service in
/usr/lib/firewalld/services Perhaps snmpd ? Don't have a system to
hand to check.
I
On 17 Nov 2015 17:30, "Nick Bright" wrote:
>
> On 11/17/2015 11:12 AM, Nick Bright wrote:
>>
>> firewall-cmd --zone=monitoring --add-source=1.2.3.4/32
>> firewall-cmd --zone=monitoring --add-service=snmp
>> firewall-cmd --zone=monitoring --add-interface=ens192
>>