Ask Your Question
0

firewalld doesn't assign permanently a zone to virbr0

asked 2015-03-03 09:31:03 -0500

esalvati gravatar image

When I try to assign a zone other than the default to virbr0 interface, all seems to work fine. But when I restart firewalld, it goes to the default zone again. To reproduce:

[root@dino ~]# firewall-cmd --get-active-zones
work
  interfaces: p8p1 wlp8s0
internal
  interfaces: vnet0
public
  interfaces: virbr0 virbr0-nic virbr1 virbr1-nic virbr2 virbr2-nic virbr3 vnet1 vnet2
[root@dino ~]# firewall-cmd --zone=internal --change-interface=virbr0
success
[root@dino ~]# firewall-cmd --zone=internal --change-interface=virbr0 --permanent 
success
[root@dino ~]# firewall-cmd --get-active-zones
work
  interfaces: p8p1 wlp8s0
internal
  interfaces: virbr0 vnet0
public
  interfaces: virbr0-nic virbr1 virbr1-nic virbr2 virbr2-nic virbr3 vnet1 vnet2
[root@dino ~]# systemctl restart firewalld.service 
[root@dino ~]# firewall-cmd --get-active-zones
work
  interfaces: p8p1 wlp8s0
internal
  interfaces: vnet0
public
  interfaces: virbr0 virbr0-nic virbr1 virbr1-nic virbr2 virbr2-nic virbr3 vnet1 vnet2

I saw that a patch was submited to solve this problem in 2013: https://www.redhat.com/archives/libvir-list/2013-April/msg00880.html

Am I making something wrong? As a workaround, I've put "firewall-cmd --zone=internal --change-interface=virbr0" in rc.local.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2015-03-04 03:14:25 -0500

I noticed this too. Another workaround is to put ZONE="internal" into /etc/sysconfig/networks-scripts/ifcfg-virbr0.

edit flag offensive delete link more

Comments

It didn't work for me. I think because on my system this interface was created dynamically and this file didn't exist. I tried to create it anyway, with no results. Thanks for the reply.

esalvati gravatar imageesalvati ( 2015-03-06 12:20:38 -0500 )edit

Question Tools

1 follower

Stats

Asked: 2015-03-03 09:31:03 -0500

Seen: 1,693 times

Last updated: Mar 04 '15