On Mon, 2013-01-28 at 10:34 +0000, Jorge Martínez López wrote: > Hi Rob: > > 2013/1/28 Robert Locke <lists@xxxxxxxxx> > > > > I would like to associate the virbr0 interface, created by libvirtd, to > > be considered part of the "internal" zone, since I "trust" my own VMs > > talking to the host. But, what is the "supportable" method for > > accomplishing this? There is no ifcfg- where I could put the firewall > > zone.... > > > > firewall-cmd [--zone=<zone>] --add-interface=<interface> > > from https://fedoraproject.org/wiki/FirewallD#Generic_use > Thanks Jorge for this idea.... But, what I really could use is a "persistent" solution. I had already found the above documentation, but with each reboot I need to run it again (And, I know I could add it to rc.local, if that still exists, but I want a "supported" method). And "--permanent" doesn't seem to work yet for "--add-interface" but did cover my one service I needed to add to the internal zone. Normally, there is a "ZONE=" that can be added to the ifcfg- files, but virbr0 doesn't have one of those, or, at least not where I have been able to find it.... This is why I think there is some enhancement to libvirtd with regard to firewalld that perhaps needs to be created, or I'm overlooking something? --Rob -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
