I tried adding the tun0 interface to the internal zone and firewall-cmd told me tun0 was managed by NetworkManager. After that it didn't show tun0 as a member of any zone.

# firewall-cmd --zone=internal --add-interface=tun0
The interface is under control of NetworkManager, setting zone to 'internal'.
success
# firewall-cmd --list-all-zones
(long list of zones, none of which have tun0 in their interfaces field)

I am experiencing the same thing getting IPSec protected GRE packets to the gre1 interface.
It works with the firewall disabled; haven't been able to figure out how to make it work with the firewall enabled.
firewall-cmd allows me to add the interface, but then forgets about it.