Revision as of 10:49, 16 March 2012

Description

This is the test case to check if firewall zones are usable.

Settings in the zone dowe with firewall-cmd or with the D-BUS interface are only valid till reboot or firewalld service restart.

How to test

1. Get settings of 'work' zone

 firewall-cmd --list=all --zone=work

2. Enable service 'samba-client' in zone 'work'

 firewall-cmd --add --zone=work --service=samba-client

To check if it has been enabled:

 iptables-save | grep work

These two lines should be in the output:

 -A IN_ZONE_work_allow -p udp -m udp --dport 137 -j ACCEPT
 -A IN_ZONE_work_allow -p udp -m udp --dport 138 -j ACCEPT

3. Disable service 'samba-client' in zone 'work'

 firewall-cmd --remove --zone=work --service=samba-client

4. Get a list of all supported services:

 firewall-cmd --list=services

The result should be:

 cluster-suite pop3s bacula-client smtp ipp radius bacula ftp mdns samba 
 dhcpv6-client dns openvpn imaps samba-client http https telnet libvirt ssh 
 ipsecipp-client amanda-client tftp-client dhcpv6 nfs tftp libvirt-tls

Search

QA:Testcase use firewalld zones: Difference between revisions

Revision as of 10:49, 16 March 2012

Description

How to test

@@ Line 2: / Line 2: @@
 This is the test case to check if firewall zones are usable.
+Settings in the zone dowe with firewall-cmd or with the D-BUS interface are only valid till reboot or firewalld service restart.
 = How to test =
@@ Line 22: / Line 24: @@
    -A IN_ZONE_work_allow -p udp -m udp --dport 138 -j ACCEPT
-. Disbable service 'samba-client' in zone 'work'
+. Disable service 'samba-client' in zone 'work'
    firewall-cmd --remove --zone=work --service=samba-client
-. Get a list of all suported services:
+. Get a list of all supported services:
    firewall-cmd --list=services