On 11/09/2012 05:21 AM, Matthew Miller wrote:
I'm making a crude fake EC2 environment on my test machine, and as part of
that, I need a web server listening on 169.254.169.254. I've bound this
address to lo:0. How do I use firewall-cmd to allow http through? It's
blocked by default.
I thought I could do it with the interface=lo:0 argument, but that gives me
"Warning: ALREADY_ENABLED". And firewall-cmd --list-interfaces returns only
'wlan0'
Add the interface to the default zone or to trusted, if you want to have
full access:
To add the interface to the default zone:
firewall-cmd --add-interface=lo:0
To add the interface to the trusted zone:
firewall-cmd --add-interface=lo:0 --zone=trusted
As ":" was not allowed in interface names up to now, this is only
possible with the GIT version and also soon with an updated firewalld
package in Fedora.
There doesn't appear to be any real documentation for firewall-cmd. The web
page is just development plans, the help is a maze of BNF, and the man page
is full of less-than-helpful stuff like:
interface=<interface>
Use an interface name.
Man pages with more information and also examples are in the works.
Where should I look to find out more?
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
