Hide Forgot
Description of problem: based on discussion from bug 1136801 comment 11 and bug 1136801 comment 15 There came an idea to have possibility to include the only icmp types in icmp-blocks field instead of excluding them. To have it as follows: * 'icmp-blocks' becomes 'icmp-filter' - it should be backwards compatible with (possibly hidden) 'icmp-blocks' setting * default behaviour stays the same * rough description: the whole field can be negated (could use a '!'); from --list-all or --zone-info it's apparent what behaviour is currently set. * behaviour is not dependent on 'default-target' of a zone (would be anti-UX) (this was in original idea) Version-Release number of selected component (if applicable): firewalld-0.3.9-14.el7 Additional info: In el7 icmp-blocks are added one at a time, this might pose a problem with field's functional inversion
Fixed upstream: https://github.com/t-woerner/firewalld/commit/c6a8b4c03f3b96c48dc06cf7cbb71297d03b6c58 https://github.com/t-woerner/firewalld/commit/e1bb04f488500ccaadb49249dc6b22d6daeb342a https://github.com/t-woerner/firewalld/commit/fa589ebe36c24b515994f9cd5bd10285b9321c18 https://github.com/t-woerner/firewalld/commit/9ffa79f00b2964aff87b7a30fc261f0330c06f89 https://github.com/t-woerner/firewalld/commit/2f3cc927360842299640081a0b501e55259901d3 https://github.com/t-woerner/firewalld/commit/50431459987f26e8ea666320fcd433f3a6fa9457 https://github.com/t-woerner/firewalld/commit/26e23b8cd945720cfb2ff37e47b12435747a051b
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2597.html