我的问题是,当我尝试从公共(默认)区域中删除接口时,出现错误:
firewall-cmd --zone=public --remove-interface=eth0 --permanent
The interface is under control of NetworkManager and already bound to the default zone.
The interface is under control of NetworkManager, setting zone to default.
success
公共区域配置:
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services:
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules: `
当我停止 NetworkManager 时,它允许我将其删除。但是,当我再次启动 NetworkManager 并重新启动防火墙时,接口 eth0 又回到了公共区域。
如何使用 firewalld 模块一次启用多个服务?我正在使用此代码在运行 ansible-playbook 后启用一项服务 (https)。它工作得很好。但是,我无法弄清楚如何在此代码中启用多个服务,而不仅仅是一个 (https)。
- name: firewalld configuration
firewalld:
zone: public
service: https
permanent: yes
state: enabled
notify: reload firewalld
我尝试了用于安装多个软件包但没有运气的相同方法(见下文)。它回答错误(见下文)
- name: firewalld configuration
firewalld:
zone: public
service:
name:
- https
- http
permanent: yes
state: enabled
notify: reload firewalld
错误:
fatal: [192.168.0.101]: FAILED! => {"changed": false, "msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_SERVICE: '{'name': ['https', 'http']}' not among existing services Permanent operation, Services are defined by port/tcp relationship and named as they are in /etc/services (on …