Bug 905293

Summary: firewall configurability regression
Product: [Fedora] Fedora Reporter: Andrei Gaponenko <gandr>
Component: firewalldAssignee: Thomas Woerner <twoerner>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 18CC: jpopelka, twoerner
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-01-29 11:24:18 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Andrei Gaponenko 2013-01-29 05:06:04 UTC 
Hello,

To allow (KVM) virtual machine guests running on a Fedora 16 host
connect to host services one could open system-config-firewall, define
"virbr0" and "vnet0" as trusted interfaces, and be done.

On Fedora 18, the firewall-config GUI does not provide any means to
work with network interfaces.  Moreover,

# firewall-cmd --zone=trusted --add-interface=virbr0
# firewall-cmd --zone=trusted --add-interface=vnet0

works, but only until the next host reboot, while

# firewall-cmd  --permanent --zone=trusted --add-interface=virbr0
# firewall-cmd  --permanent --zone=trusted --add-interface=vnet0

just brings up a man page (no error message???)
This is firewalld-0.2.12-1.fc18.src.rpm

Andrei

PS. I am aware of #882736, which reports that the patch to firewalld
allows to restore VM guest functionality by setting default zone to
"trusted".  That workaround is unsatisfactory because of its potential
to create security problems.
Comment 1 Jiri Popelka 2013-01-29 11:24:18 UTC 

*** This bug has been marked as a duplicate of bug 903456 ***