Hi, I would like to know what will happen when I add 192.168.3.0/24 to trusted zone, but 192.168.3.1/32 to public zone. 192.168.3.1 is the gateway and should not have access to other services in that network. However, will it be blocked or trusted to access services which are allowed in the trusted zone? What's firewalld's rule? Deny before allow? Thanks in advance Tim
On Fri, Mar 20, 2015 at 10:19:13PM +0100, Tim wrote:> I would like to know what will happen when I add 192.168.3.0/24 to > trusted zone, but 192.168.3.1/32 to public zone.[...]> What's firewalld's rule? Deny before allow?It's a little confusing, but the zones apply to _your_ interfaces, not to external addresses. Only one zone is active at a time per interface. -- Matthew Miller <mattdm at fedoraproject.org> Fedora Project Leader
I thought that applying a source instead of a interface to a zone would also work. Am 21. M?rz 2015 20:10:15 MEZ, schrieb Matthew Miller <mattdm at mattdm.org>:>On Fri, Mar 20, 2015 at 10:19:13PM +0100, Tim wrote: >> I would like to know what will happen when I add 192.168.3.0/24 to >> trusted zone, but 192.168.3.1/32 to public zone. >[...] >> What's firewalld's rule? Deny before allow? > >It's a little confusing, but the zones apply to _your_ interfaces, not >to external addresses. Only one zone is active at a time per interface. > >-- >Matthew Miller ><mattdm at fedoraproject.org> >Fedora Project Leader >_______________________________________________ >CentOS mailing list >CentOS at centos.org >http://lists.centos.org/mailman/listinfo/centos