On Mon, 12 Oct 2015, Ian Mortimer wrote:
On Sun, 2015-10-11 at 15:00 -0700, Emmett Culley wrote:
I assume there must be a different set of configuration files that are accessed upon reboot than those accessed upon firewalld restart.
The saved rules are under /etc/firewalld/zones. The rules for the default zone should be the ones loaded. The default zone is defined in /etc/firewalld/firewalld.conf.
It may be worth noting that most firewalld changes require two invocations of firewall-cmd, one with "--permanent" and one without:
# this makes an immediate change that will not last past next # reboot or service restart firewall-cmd --zone="public" --set-target="ACCEPT"
# this makes no immediate change, but it will take effect at # next reboot or service restart firewall-cmd --zone="public" --set-target="ACCEPT" --permanent