[CentOS] firewalld being stupid

Fri Nov 6 21:45:04 UTC 2015
John R Pierce <pierce at hogranch.com>

On 11/6/2015 1:31 PM, Nick Bright wrote:
> One of my biggest frustrations with CentOS 7 has been firewalld.
>
> Essentially all of the documentation just flat doesn't work.
>
> One common thing that needs to be done is to change the zone of an 
> interface, however I've tried:
>
> firewall-cmd --permanent --zone=internal --change-interface=ens192
> firewall-cmd --permanent --zone=internal --add-interface=ens192
>
> I've also tried setting in /etc/sysconfig/network-scripts/ifcfg-ens192:
>
> ZONE=internal
> ZONE="internal"
>
> No matter what, when firewalld starts, ens192 will be in the public zone.
>
> What am I doing wrong? Why does the documented command structure not 
> work? 

I haven't messed with firewalld yet, so the following is purely 
conjecture...

Does

     firewall-cmd --get-zones

list this "internal" zone? If not, you may need to create it first,

     firewall-cmd --permanent --new-zone=internal
     firewall-cmd --reload

THEN assign your interface to it,

     firewall-cmd --permanent --zone=internal --change-interface=ens192




-- 
john r pierce, recycling bits in santa cruz
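
The check-then-create sequence from the reply above, as an added example that is not part of either poster's message: it reads the zone an ifcfg file asks for, tests it against a zone list in the format `firewall-cmd --get-zones` prints, and prints the commands to run without running them. The function names and the sample zone list and ifcfg text are constructed for this example.

```shell
#!/bin/sh
# Added example; helper names and sample data are constructed.

# zone_in_list ZONE "LIST": succeed if ZONE is one of the space-separated
# names in LIST (the format `firewall-cmd --get-zones` prints).
# Matching is exact, so "internal" does not match "internal2".
zone_in_list() {
    for z in $2; do
        if [ "$z" = "$1" ]; then return 0; fi
    done
    return 1
}

# ifcfg_zone: read ifcfg text on stdin and print its ZONE= value with
# quotes removed. This example takes the last ZONE= line if there are several.
ifcfg_zone() {
    sed -n 's/^[[:space:]]*ZONE=//p' | tail -n 1 | tr -d "\"'"
}

# plan_zone_change ZONE IFACE "LIST": print the commands from the reply,
# including the zone-creation steps only when ZONE is missing from LIST.
plan_zone_change() {
    if ! zone_in_list "$1" "$3"; then
        echo "firewall-cmd --permanent --new-zone=$1"
        echo "firewall-cmd --reload"
    fi
    echo "firewall-cmd --permanent --zone=$1 --change-interface=$2"
}

# Constructed sample input (not output captured from a real host).
SAMPLE_ZONES="dmz public work"
SAMPLE_IFCFG='DEVICE=ens192
ONBOOT=yes
ZONE="internal"'

# On a real host the list would come from: zones=$(firewall-cmd --get-zones)
wanted=$(printf '%s\n' "$SAMPLE_IFCFG" | ifcfg_zone)
plan_zone_change "$wanted" ens192 "$SAMPLE_ZONES"
```
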