> On Jan 21, 2015, at 9:45 AM, Jorick Astrego <j.astr...@netbulae.eu> wrote:
> 
> Hi,
> 
> In the quickstart guide we have the iptables rules for a Fedora 19 host,
> but currently we run firewalld on the host (CentOS 7).
> 
> I've converted the rules to a service xml for the zone but I can't
> figure out the firewalld translation for "-A FORWARD -m physdev !
> --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited"
> 
> Anyone know how to do this in firewalld?
> 

DISCLAIMER: I am just a lowly user of oVirt/RHEL/Fedora

You can do almost anything you can do with iptables by using the passthrough 
option, although you have to make sure the rules fit the underlying iptables 
policy firewalld generates (by inspecting it afterwards).

The following should work:

firewall-cmd --permanent --direct --passthrough ipv4 -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT

--
Jason T. Greene
WildFly Lead / JBoss EAP Platform Architect
JBoss, a division of Red Hat

_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
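
A literal translation of the rule quoted in the question, as an added example that is not part of the thread or of the oVirt documentation: the sketch below rewrites iptables-save style "-A" lines as "firewall-cmd --direct --add-rule" commands, which firewalld tracks and lists with "--direct --get-all-rules". The function names and every sample line other than the physdev rule are constructed for illustration; the commands are only printed, so they can be reviewed before anything is applied.

```shell
#!/bin/sh
# Added example: convert "-A CHAIN ..." lines (filter table) into
# firewall-cmd direct rules. Nothing is executed, commands are only printed.
# Limitation: arguments containing quoted spaces (e.g. --comment "a b")
# are not handled by the simple word splitting used here.

# to_direct_rule FAMILY PRIORITY "RULE LINE"   (hypothetical helper name)
to_direct_rule() {
    fam=$1
    prio_arg=$2
    line=$3
    set -f                 # no globbing while the rule is word-split
    set -- $line
    set +f
    # Only append rules with a chain name are translated.
    [ "$1" = "-A" ] && [ -n "$2" ] || return 1
    chain=$2
    shift 2
    printf 'firewall-cmd --permanent --direct --add-rule %s filter %s %s %s\n' \
        "$fam" "$chain" "$prio_arg" "$*"
}

# translate_rules [FAMILY]: read rules on stdin and keep their order by
# giving each translated rule the next priority (lower runs first).
translate_rules() {
    family=${1:-ipv4}
    prio=0
    while IFS= read -r rule; do
        case $rule in
            -A\ *)
                if to_direct_rule "$family" "$prio" "$rule"; then
                    prio=$((prio + 1))
                fi ;;
            *) ;;          # table header, chain policy, comment, COMMIT
        esac
    done
}

# Constructed sample input; only the physdev rule comes from the question.
translate_rules ipv4 <<'EOF'
*filter
:FORWARD ACCEPT [0:0]
-A INPUT -p tcp --dport 22 -j ACCEPT
-A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
```

After running the printed commands, "firewall-cmd --reload" loads the permanent configuration and "firewall-cmd --direct --get-all-rules" shows what firewalld has recorded.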
