Hello List, Does anyone have any idea why the "NEW" freeipa-4 for firewalld does not work as a "rule", all ports remain closed? with the command firewall-cmd --permanent --zone=external --add-service=freeipa-4 does it open the ports but it doesn't work in a rule statement? firewall-cmd --add-rich-rule='rule family="ipv4" source address="89.XXX.XXX.0/ XX" service name="freeipa-4" log prefix="freeipa-4" level= "info" limit value="1/m" accept' --permanent it is extra in freeipa-4 you should use the NEW freeipa-4 everything else is outdated? Where's the mistake? -- mit freundlichen Grüßen / best Regards, Günther J. Niederwimmer