Description

This is the test case to check if firewall zones are usable.

Settings in the zone done with firewall-cmd or with the D-BUS interface are only valid till reboot or firewalld service restart.

How to test

1. Get settings of 'work' zone

 firewall-cmd --list=all --zone=work

2. Enable service 'samba-client' in zone 'work'

 firewall-cmd --add --zone=work --service=samba-client

To check if it has been enabled:

 iptables-save | grep work

These two lines should be in the output:

 -A IN_ZONE_work_allow -p udp -m udp --dport 137 -j ACCEPT
 -A IN_ZONE_work_allow -p udp -m udp --dport 138 -j ACCEPT

3. Disable service 'samba-client' in zone 'work'

 firewall-cmd --remove --zone=work --service=samba-client

4. Get a list of all supported services:

 firewall-cmd --list=services

The result should be:

 cluster-suite pop3s bacula-client smtp ipp radius bacula ftp mdns samba 
 dhcpv6-client dns openvpn imaps samba-client http https telnet libvirt ssh 
 ipsecipp-client amanda-client tftp-client dhcpv6 nfs tftp libvirt-tls