Bug 1563281

Summary: firewall-cmd port check returns "no" if port configured through a port-range
Product: Red Hat Enterprise Linux 7 Reporter: Nikola Kresic <nkresic>
Component: firewalldAssignee: Eric Garver <egarver>
Status: CLOSED DUPLICATE QA Contact: qe-baseos-daemons
Severity: low Docs Contact:
Priority: unspecified    
Version: 7.4CC: todoleza
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-04-03 14:14:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Nikola Kresic 2018-04-03 14:06:44 UTC 
Description of problem:
If a port-range is defined and i check the status of the port range, if its enabled per zone :

[root@nkresic ~]# firewall-cmd --permanent --query-port=20-25/tcp
yes

If i check the single port inside the range :

[root@nkresic ~]# firewall-cmd --permanent --query-port=22/tcp
no

ssh service works without problems with a port-range definition, its only the status of the port, returned by the firewall-cmd, that is the problem. 




Version-Release number of selected component (if applicable):

firewalld-0.4.4.4-6.el7.noarch



How reproducible:

both through GUI of firewall-config or through firewall-cmd



Steps to Reproduce:
1. remove some port that you know you need for connectivity, i removed 22
2. add a port range where your port is a part of that range
3. connectivity works but --query-port reports that it shouldnt



Actual results:

firewall-cmd returns a port with restriction



Expected results:

firewall-cmd should recognize a port inside a permitted port range

Additional info:
Comment 2 Eric Garver 2018-04-03 14:14:07 UTC 

*** This bug has been marked as a duplicate of bug 1404076 ***