Hi. I have a little trouble with firewalld. I'm trying to open some ports for monitoring server, but it's in the same network as "home" zone: Monitored host (192.168.111.60): lukasz @ strategie 17:52:19 ~ $ -> sudo firewall-cmd --get-active home sources: 192.168.111.0/24 (open ports 22, 80, 443) monitoring sources: 192.168.111.19 (open ports: 5666) public interfaces: ens18 (no open ports) --------------------------------------------------- Monitoring host (192.168.111.19): lukasz @ potemkin 17:57:25 ~ $ -> telnet strategie.ping.local 5666 Trying 192.168.111.60... telnet: connect to address 192.168.111.60: No route to host lukasz @ potemkin 17:57:26 ~ $ -> telnet strategie.ping.local 80 Trying 192.168.111.60... Connected to strategie.ping.local. Escape character is '^]'. ^] telnet> Connection closed. --------------------------------------------------- I think there are conflicting rules on a monitored host, that: - prevent access to 5666 from 192.168.111.0/24, - give access to 5666 from 192.168.111.19 and packets from potemkin are routed trough a home zone. I really would like to have dedicated "monitor" zone. Is there a way to give "monitor" zone more priority, than "home"? I may end with OpenVPN on potemkin and use 172.30.25.0/24 for monitoring, but, apart from encryption aspect, it seems a little excessive. Thank You. -- Łukasz Posadowski _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos