From Fedora Project Wiki

m
Line 3: Line 3:
 
This is the test case to check if firewall zones are usable.  
 
This is the test case to check if firewall zones are usable.  
  
Settings in the zone dowe with firewall-cmd or with the D-BUS interface are only valid till reboot or firewalld service restart.
+
Settings in the zone done with firewall-cmd or with the D-BUS interface are only valid till reboot or firewalld service restart.
  
 
= How to test =
 
= How to test =

Revision as of 11:45, 16 March 2012

Description

This is the test case to check if firewall zones are usable.

Settings in the zone done with firewall-cmd or with the D-BUS interface are only valid till reboot or firewalld service restart.

How to test

1. Get settings of 'work' zone

 firewall-cmd --list=all --zone=work

2. Enable service 'samba-client' in zone 'work'

 firewall-cmd --add --zone=work --service=samba-client

To check if it has been enabled:

 iptables-save | grep work

These two lines should be in the output:

 -A IN_ZONE_work_allow -p udp -m udp --dport 137 -j ACCEPT
 -A IN_ZONE_work_allow -p udp -m udp --dport 138 -j ACCEPT

3. Disable service 'samba-client' in zone 'work'

 firewall-cmd --remove --zone=work --service=samba-client

4. Get a list of all supported services:

 firewall-cmd --list=services

The result should be:

 cluster-suite pop3s bacula-client smtp ipp radius bacula ftp mdns samba 
 dhcpv6-client dns openvpn imaps samba-client http https telnet libvirt ssh 
 ipsecipp-client amanda-client tftp-client dhcpv6 nfs tftp libvirt-tls