Some time back I implemented an ipset called networkblock and have since come to think it isn't working or my scope was wrong. To that end and using man pages & web searches, I was able to successfully delete the ipset with
firewall-cmd --permanent --delete-ipset=networkblock.
After a subsequent reboot, I did a
systemctl status firewalld -l. The service started and is running, but is now complaining about the ipset reference I'd likely placed in the drop zone (I don't understand a lot of this).
Code: Select all
firewalld[4046]: WARNING: drop: INVALID_IPSET: networkblock
I've again browsed and read the man pages and can't seem to find the command that will "disconnect" the now gone ipset from the drop zone. My fear is that banging-away at firewalld with trial commands to 'see if it works', like I'd know, may disable things I don't want disabled (I've already made some attempts).
I'd appreciate your help. Apologies, and thank you.