CDIST-TYPE__FIREWALLD_RULE(7) cdist CDIST-TYPE__FIREWALLD_RULE(7)

cdist-type__firewalld_rule - Configure firewalld rules

This cdist type allows you to manage rules in firewalld using the direct
way (i.e. no zone support).

rule The rule to apply. Essentially a firewalld command line without
firewalld in front of it.

protocol
Either ipv4, ipv6 or eb. See firewall-cmd(1).

table The table to use (like filter or nat). See firewall-cmd(1).

chain The chain to use (like INPUT_direct or FORWARD_direct). See
firewall-cmd(1).

priority
The priority to use (0 is topmost). See firewall-cmd(1).

state 'present' or 'absent', defaults to 'present'

# Allow access from entrance.place4.ungleich.ch
__firewalld_rule entrance \
    --protocol ipv4 \
    --table filter \
    --chain INPUT_direct \
    --priority 0 \
    --rule '-s entrance.place4.ungleich.ch -j ACCEPT'

# Allow forwarding of traffic from br0
__firewalld_rule vm-forward --protocol ipv4 \
    --table filter \
    --chain FORWARD_direct \
    --priority 0 \
    --rule '-i br0 -j ACCEPT'

# Ensure old rule is absent - warning, the rule part must stay the same!
__firewalld_rule vm-forward \
    --protocol ipv4 \
    --table filter \
    --chain FORWARD_direct \
    --priority 0 \
    --rule '-i br0 -j ACCEPT' \
    --state absent
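
The following sketch is an added example, not part of the original page and not cdist's own code. It shows how the type's parameters line up with the direct interface of firewall-cmd(1), and why a rule can only be found or removed when protocol, table, chain, priority and rule text are all unchanged. The function names, the use of --permanent, the digits-only priority check and the one-rule-per-line listing format are assumptions of this example.

```shell
#!/bin/sh
# Added illustration, not cdist's own code. Function names are hypothetical.

# Print the tuple "protocol table chain priority rule" after validating it.
direct_rule_tuple() {
    protocol=$1; table=$2; chain=$3; priority=$4; rule=$5
    case $protocol in
        ipv4|ipv6|eb) ;;
        *) echo "invalid protocol: $protocol" >&2; return 1 ;;
    esac
    case $priority in
        # Assumption of this example: priority is a non-negative integer.
        ''|*[!0-9]*) echo "invalid priority: $priority" >&2; return 1 ;;
    esac
    [ -n "$table" ] && [ -n "$chain" ] && [ -n "$rule" ] || return 1
    printf '%s %s %s %s %s\n' "$protocol" "$table" "$chain" "$priority" "$rule"
}

# Print (do not run) the firewall-cmd(1) call for a state: present|absent.
direct_rule_cmd() {
    state=$1; shift
    tuple=$(direct_rule_tuple "$@") || return 1
    case $state in
        present) action=--add-rule ;;
        absent)  action=--remove-rule ;;
        *) echo "invalid state: $state" >&2; return 1 ;;
    esac
    printf 'firewall-cmd --permanent --direct %s %s\n' "$action" "$tuple"
}

# Succeed if the tuple appears as an exact line on stdin (assumed format:
# one rule per line, as "firewall-cmd --direct --get-all-rules" lists them).
rule_listed() {
    tuple=$(direct_rule_tuple "$@") || return 2
    grep -Fxq -- "$tuple"
}

# Constructed sample listing, not captured from a real host.
SAMPLE_RULES='ipv4 filter INPUT_direct 0 -s entrance.place4.ungleich.ch -j ACCEPT
ipv4 filter FORWARD_direct 0 -i br0 -j ACCEPT'
```

Because the match is on the whole line, editing the rule text before setting the state to absent leaves the old rule in place; comparing the manifest's tuples against the host's direct rule listing exposes such leftovers.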

cdist-type__iptables_rule(7), firewalld(8)

Nico Schottelius <nico-cdist--@--schottelius.org>

Copyright (C) 2015 Nico Schottelius. You can redistribute it and/or
modify it under the terms of the GNU General Public License as published
by the Free Software Foundation, either version 3 of the License, or (at
your option) any later version.

ungleich GmbH 2021

7.0.0 Jul 31, 2022 CDIST-TYPE__FIREWALLD_RULE(7)