Description of problem:
On systems with no NetworkManager installed, an upgrade from 7.4 to 7.5 leads the firewalld to ignore the "ZONE=" directive in the ifcfg-<interface> file. Running the command firewall-cmd --get-active-zones returns nothing.
A work around is to run the command (e.g.):
firewall-cmd --permanent --change-zone=eth0 --zone=internal
This creates an entry in the <zone>.xml file and 7.4 behavior is restored.
Version-Release number of selected component (if applicable):
RHEL 7.5 releae
Upgrade a working 7.4 system to 7.5 system via yum
Steps to Reproduce:
1. Deinstall NetworkManager
2. Upgrade from 7.4 to 7.5
3. Run firewall-cmd --get-active-zones and observe zero output
4. firewall-cmd --permanent --change-zone=<interface> --zone=<zone> to restore functionality
Only default zone attached to all interfaces
Interface attached to the zone file stated in the ZONE= directive
(In reply to Per Hjartoy from comment #0)
> Description of problem:
> On systems with no NetworkManager installed, an upgrade from 7.4 to 7.5
> leads the firewalld to ignore the "ZONE=" directive in the ifcfg-<interface>
> file. Running the command firewall-cmd --get-active-zones returns nothing.
firewalld has never been responsible for reading the ifcfg files for an interface. That is done by network-scripts, i.e. /etc/sysconfig/network-scripts/ifup-post and should occur at boot.
After a reboot was "firewall-cmd --get-active-zones" still yielding empty?
Closing due to insufficient data. Please reopen if you can provide the requested information in comment 2.