firewall-cmd remove rich rule fails

firewalld
bluethundr picture bluethundr · Oct 11, 2017 · Viewed 17.8k times · Source

I'm trying to remove some rich rules from firewall-cmd and it seems to work:

 firewall-cmd --remove-rich-rule 'rule family="ipv4"   source address="10.4.220.143/32"   port protocol="tcp" port="13782" accept'

success

But after I reload the rules and check again, the rules are still there:

firewall-cmd --reload

success

# firewall-cmd --list-all
    rule family="ipv4" source address="10.4.220.143/32" port port="13724" protocol="tcp" accept

What am I doing wrong?

Answer

John117 picture John117 · Oct 30, 2017

I think you have to add a < --permanent > statement to make your change permanent after reloading your firewall config.

firewall-cmd --permanent --remove-rich-rule 'rule family="ipv4" source address="10.4.220.143/32" port protocol="tcp" port="13782" accept'

Related questions

Firewalld is not running

When I try to add a port to FirewallsD, I get the following exception: centos 7 answer FirewallD is not running When I try to reload with sudo firewall-cmd --reload centos 7 answers FirewallD is not running when I try to start …

Read More
AllowZoneDrifting - Firewalld: What is it and should I disable it?

I am new here, so please forgive me if I am asking something silly. I have created a DO droplet on CentOS 8. After installing firewalld, I checked its status and it gives a warning. Apr 24 05:56:31 centos-s-1vcpu-1gb-blr1-01 firewalld[2956]: …

Read More
How to open firewall port with ansible firewalld task on Centos 7

I have a task in my ansible-playbook script to open TCP port on a remote machine. but when I run my ansible playbook it throws an error. But when i run "firewall-cmd --permanent --zone=public --add-port=1234/tcp" and "firewalld-cmd --reload" …

Read More