firewalld change via XML file
by dc.901 from LinuxQuestions.org on (#4QA6Z)
Hello!
I have CentOS 7.6
Machine has two NICs; one NIC is assigned in public zone and second in trusted zone.
What I am trying to do is:
Code:
# firewall-cmd --permanent --zone=trusted --add-source=192.168.1.10

This works.
However, I am trying to figure out how to do this by XML file; zone config XML files are under: /etc/firewalld/zones, and there is trusted.xml
Code:
<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>Trusted</short>
  <description>All network connections are accepted.</description>
  <interface name="ens224"/>
  <sources ip="192.168.1.10"/>
</zone>

With the above in the XML, I restarted the firewalld service. However, the output shows:

Code:
# firewall-cmd --zone=trusted --list-all
trusted (active)
  target: ACCEPT
  icmp-block-inversion: no
  interfaces: ens224
  sources:
  services:
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Trying to figure out what I am missing?
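Added example, not part of the original post and not firewalld's own code: firewalld.zone(5) defines a source binding as `<source address="..."/>`, so the `<sources ip="..."/>` element above is not in the zone schema, which is consistent with the empty `sources:` line. The sketch below lints a zone file for this kind of mistake; `lint_zone`, `AS_POSTED` and `CORRECTED` are hypothetical names, and both inputs are constructed from the post.

```python
import xml.etree.ElementTree as ET

# Child elements of <zone> as documented in firewalld.zone(5).
ZONE_ELEMENTS = {
    "short", "description", "interface", "source", "service", "port",
    "protocol", "icmp-block", "icmp-block-inversion", "masquerade",
    "forward-port", "source-port", "rule", "forward",
}
# A zone <source> carries exactly one of these attributes.
SOURCE_ATTRS = {"address", "mac", "ipset"}


def lint_zone(xml_bytes):
    """Return (sources, problems) for one firewalld zone definition."""
    root = ET.fromstring(xml_bytes)
    sources, problems = [], []
    if root.tag != "zone":
        return sources, ["root element is <%s>, expected <zone>" % root.tag]
    for child in root:
        if child.tag not in ZONE_ELEMENTS:
            problems.append("unknown element <%s>" % child.tag)
        elif child.tag == "source":
            attrs = set(child.attrib)
            if len(attrs) != 1 or not attrs <= SOURCE_ATTRS:
                problems.append("<source> needs exactly one of "
                                "address/mac/ipset, got %s" % sorted(attrs))
            else:
                sources.append(child.attrib[attrs.pop()])
    return sources, problems


# Constructed input: the zone body exactly as posted above.
AS_POSTED = b"""<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>Trusted</short>
  <description>All network connections are accepted.</description>
  <interface name="ens224"/>
  <sources ip="192.168.1.10"/>
</zone>"""

# Constructed input: same zone, source written as firewalld.zone(5) defines it.
CORRECTED = AS_POSTED.replace(b'<sources ip=', b'<source address=')

if __name__ == "__main__":
    for label, doc in (("as posted", AS_POSTED), ("corrected", CORRECTED)):
        print(label, lint_zone(doc))
```

Because the trusted zone's target is ACCEPT, every address that ends up bound to it is allowed through unfiltered, so it is worth comparing the linted source list with `firewall-cmd --zone=trusted --list-all` after each change.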

