Created attachment 894029 [details] [PATCH] firewalld: Apply all rich rules for non-default targets Description of problem: A zone with a non-default target will not have RULE or PROTOCOL rich rules applied. Version-Release number of selected component (if applicable): 0.3.9.3-1 How reproducible: Always Steps to Reproduce: <?xml version="1.0" encoding="utf-8"?> <zone target="ACCEPT"> <short>Public</short> <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description> <interface name="eth0"/> <rule family="ipv4"> <port protocol="tcp" port="22"/> <accept/> </rule> </zone> Actual results: Rule not applied in IN_public chain. Expected results: Rule applied in IN_public chain. Additional info: Fix attached.
(In reply to Jay Cornwall from comment #0) > Actual results: > Rule not applied in IN_public chain. '/sbin/iptables -t filter -A ACCEPT_allow -m tcp -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT' failed: iptables: No chain/target/match by that name.
Applied upstream, thank you ! https://git.fedorahosted.org/cgit/firewalld.git/commit/?id=e361f33c2bf42acb2e4db578169326b11041b796
firewalld-0.3.10-1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/firewalld-0.3.10-1.fc20
Package firewalld-0.3.10-1.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing firewalld-0.3.10-1.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-6834/firewalld-0.3.10-1.fc20 then log in and leave karma (feedback).
firewalld-0.3.10-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.