From Fedora Project Wiki

Revision as of 11:45, 16 March 2012 by Jpopelka (talk | contribs)

Description

This is the test case to check if firewall zones are usable.

Settings in the zone done with firewall-cmd or with the D-BUS interface are only valid till reboot or firewalld service restart.

How to test

1. Get settings of 'work' zone 

 firewall-cmd --list=all --zone=work

2. Enable service 'samba-client' in zone 'work' 

 firewall-cmd --add --zone=work --service=samba-client

To check if it has been enabled: 

 iptables-save | grep work

These two lines should be in the output: 

 -A IN_ZONE_work_allow -p udp -m udp --dport 137 -j ACCEPT
 -A IN_ZONE_work_allow -p udp -m udp --dport 138 -j ACCEPT

3. Disable service 'samba-client' in zone 'work' 

 firewall-cmd --remove --zone=work --service=samba-client

4. Get a list of all supported services: 

 firewall-cmd --list=services

The result should be: 

 cluster-suite pop3s bacula-client smtp ipp radius bacula ftp mdns samba 
 dhcpv6-client dns openvpn imaps samba-client http https telnet libvirt ssh 
 ipsecipp-client amanda-client tftp-client dhcpv6 nfs tftp libvirt-tls
Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_use_firewalld_zones&oldid=277872"