Hi,
I'd like to make this rule permanent across reboots:
firewall-cmd --direct --remove-rule ipv4 filter IN_public_allow 0 -m tcp -p tcp --dport 443 -j REJECT
Please advise
also does it effect all zones?
How to make firewall-cmd rule permanent
Re: How to make firewall-cmd rule permanent
I think even the direct rules are limited to that zone (could be wrong though).
As for making it permanent, pass the --permanent arg.
As for making it permanent, pass the --permanent arg.
-
- Posts: 39
- Joined: 2017/02/28 20:46:44
Re: How to make firewall-cmd rule permanent
Thank you, is "direct" a zone?
-
- Posts: 2019
- Joined: 2015/02/17 15:14:33
- Location: Bulgaria
- Contact:
Re: How to make firewall-cmd rule permanent
Direct rules are processed before any zone , so they are global. You should avoid using direct rules (best practice) unless no other choice available.
Why don't you just remove the "https" service instead ? What are you trying to accomplish ?
Why don't you just remove the "https" service instead ? What are you trying to accomplish ?