How to deal with zones in firewalld?
Fedora 19 server. Two network interfaces. External p13p1 and local em0.

em0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255
p13p1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet external_ip netmask 255.255.255.224 broadcast external_bcast_ip

# firewall-cmd --permanent --get-zone-of-interface=em0
internal
# firewall-cmd --permanent --get-zone-of-interface=p13p1
external

# firewall-cmd --permanent --zone=internal --add-service=mysql ; firewall-cmd --reload;
success
success

# firewall-cmd --permanent --list-all-zones
internal (default, active)
  interfaces: em0
  sources:
  services: dhcp http mysql named ssh
  ports:
  masquerade: yes
  forward-ports:
  icmp-blocks:
  rich rules:
external (active)
  interfaces: p13p1
  sources:
  services: http ssh
  ports:
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

# nmap external_ip -p 3306
PORT     STATE  SERVICE
3306/tcp open   mysql

# nmap 192.168.1.100 -p 3306
PORT     STATE  SERVICE
3306/tcp closed mysql