I have this rich rule:
# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens32 ens33 ens34 ens35 ens38
sources:
services: dhcpv6-client dns ssh
ports: 53/tcp 53/udp 22/tcp
protocols:
masquerade: yes
forward-ports:
sourceports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="192.168.0.40" forward-port port="22" protocol="tcp" to-port="22"
# firewall-cmd --permanent --remove-rich-rule="rule family=\"ipv4\" source address=\"192.168.0.40\" forward-port port=\"22\" protocol=\"tcp\" to-port=\"22\""
Warning: NOT_ENABLED: rule family="ipv4" source address="192.168.0.40" forward-port port="22" protocol="tcp" to-port="22"
# firewall-cmd --reload
# systemctl restart firewalld
# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens32 ens33 ens34 ens35 ens38
sources:
services: dhcpv6-client dns ssh
ports: 53/tcp 53/udp 22/tcp
protocols:
masquerade: yes
forward-ports:
sourceports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="192.168.0.40" forward-port port="22" protocol="tcp" to-port="22"