Hide Forgot
Customer states they are running into the same exact issue as the following bug, except on RHEL 7.2 Bug 1163428 - rich rule with destination and no element Customer Comment: ---------------------------------------------------------- I am seeing the same issue as described by this unresolved Fedora bug (https://bugzilla.redhat.com/show_bug.cgi?id=1163428). It occurs with newer firewalld packges (firewalld-0.3.9-14.el7.noarch). I get the same issue when I attempt to create a rich rule with destination address but no protocol/port it gives error: ERROR: INVALID_RULE: no element, no source Also, when using a source AND destination address but no protocol/port I get: Error: INVALID_RULE: destination action Firstly, the error messages provide no useful information about the problem. Secondly, I would like to understand why a port and/or protocol are required in these scenarios. I think it is a perfectly logical use-case to allow all traffic (protocols) coming into a particular interface/address. Furthermore, "all" is not a valid selection for the protocol, why? Not urgent but would like to understand the function better and possibly get it fixed to be more intuitive.
Fixed upstream: https://github.com/t-woerner/firewalld/commit/221d810557deb62e0c402bfadf2f965ebdab70f1
*** Bug 1352179 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2597.html