From 07de83e04a453ec5bb172f48db0ba863cf8d42a7 Mon Sep 17 00:00:00 2001 From: TorontoMedia Date: Fri, 13 May 2016 22:38:10 -0400 Subject: [PATCH] Update firewallcmd-common.conf --- config/action.d/firewallcmd-common.conf | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/config/action.d/firewallcmd-common.conf b/config/action.d/firewallcmd-common.conf index 106ef216..4abe5318 100644 --- a/config/action.d/firewallcmd-common.conf +++ b/config/action.d/firewallcmd-common.conf @@ -10,6 +10,16 @@ # Values: STRING name = default +# Option port +# Notes Can also use port numbers separated by a comma and in rich-rules comma and/or space. +# Value STRING Default: 1:65535 +port = 1:65535 + +# Option: protocol +# Notes [ tcp | udp | icmp | all ] +# Values: STRING Default: tcp +protocol = tcp + # Option: family(ipv4) # Notes specifies the socket address family type # Values: STRING @@ -28,7 +38,7 @@ zone = public # Option: service # Notes use command firewall-cmd --get-services to see a list of services available -# Examples zones: amanda-client amanda-k5-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns freeipa-ldap freeipa-ldaps +# Examples services: amanda-client amanda-k5-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns freeipa-ldap freeipa-ldaps # freeipa-replication ftp high-availability http https imaps ipp ipp-client ipsec iscsi-target kadmin kerberos # kpasswd ldap ldaps libvirt libvirt-tls mdns mosh mountd ms-wbt mysql nfs ntp openvpn pmcd pmproxy pmwebapi pmwebapis pop3s # postgresql privoxy proxy-dhcp puppetmaster radius rpc-bind rsyncd samba samba-client sane smtp squid ssh synergy @@ -37,18 +47,18 @@ zone = public service = ssh # Option: rejecttype (ipv4) -# Note: See iptables/firewalld man pages for ipv4 reject types. +# Notes See iptables/firewalld man pages for ipv4 reject types. # Values: STRING rejecttype = icmp-port-unreachable # Option: blocktype (ipv4/ipv6) -# Note: See iptables/firewalld man pages for jump targets. Common values are REJECT, +# Notes See iptables/firewalld man pages for jump targets. Common values are REJECT, # REJECT --reject-with icmp-port-unreachable, DROP # Values: STRING blocktype = REJECT --reject-with # Option: rich-blocktype (ipv4/ipv6) -# Note: See firewalld man pages for jump targets. Common values are reject, +# Notes See firewalld man pages for jump targets. Common values are reject, # reject type="icmp-port-unreachable", drop # Values: STRING rich-blocktype = reject type=''