This cdist type manages firewalld rules through the direct interface (i.e. without zone support).
    # Allow access from entrance.place4.ungleich.ch
    __firewalld_rule entrance \
        --protocol ipv4 \
        --table filter \
        --chain INPUT_direct \
        --priority 0 \
        --rule '-s entrance.place4.ungleich.ch -j ACCEPT'

    # Allow forwarding of traffic from br0
    __firewalld_rule vm-forward --protocol ipv4 \
        --table filter \
        --chain FORWARD_direct \
        --priority 0 \
        --rule '-i br0 -j ACCEPT'

    # Ensure old rule is absent - warning, the rule part must stay the same!
    __firewalld_rule vm-forward --protocol ipv4 \
        --table filter \
        --chain FORWARD_direct \
        --priority 0 \
        --rule '-i br0 -j ACCEPT' \
        --state absent
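
The audit helper below is an added example, not part of cdist or of this type: it lists direct rules that are installed on a host but no longer declared present, which is the leftover the warning in the last example is about. It assumes the one-rule-per-line listing printed by `firewall-cmd --permanent --direct --get-all-rules`; the function names, the sample listing and the `br1` rule string are constructed for illustration.

```sh
#!/bin/sh
# Added example (not part of cdist): find firewalld direct rules that are
# installed on a host but not declared "present" in the manifest.
# Assumed input format, one rule per line as listed by
#   firewall-cmd --permanent --direct --get-all-rules
#   <protocol> <table> <chain> <priority> <rule arguments>

# declared_line PROTOCOL TABLE CHAIN PRIORITY RULE
# Renders the type's parameters in the listing format above.
declared_line() {
    printf '%s %s %s %s %s\n' "$1" "$2" "$3" "$4" "$5"
}

# undeclared_rules DECLARED   (installed listing on stdin)
# Prints every installed rule that matches no declared line exactly.
# Matching is literal (grep -F -x): a changed priority or rule string
# counts as a different rule.
undeclared_rules() {
    declared=$1
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        if ! printf '%s\n' "$declared" | grep -F -x -q -e "$line"; then
            printf '%s\n' "$line"
        fi
    done
}

# Constructed listing: both rules from the examples are installed.
sample_installed() {
    cat <<'EOF'
ipv4 filter INPUT_direct 0 -s entrance.place4.ungleich.ch -j ACCEPT
ipv4 filter FORWARD_direct 0 -i br0 -j ACCEPT
EOF
}

# Manifest state being audited: only the entrance rule is still "present".
# Assumed scenario: vm-forward was set to "absent" with an edited rule
# string ('-i br1 -j ACCEPT', constructed), so the br0 rule never matched.
declared_present=$(declared_line ipv4 filter INPUT_direct 0 \
    '-s entrance.place4.ungleich.ch -j ACCEPT')

# Report what is still installed without being declared.
sample_installed | undeclared_rules "$declared_present"
```

On a real host, pipe the output of `firewall-cmd --permanent --direct --get-all-rules` into `undeclared_rules` in place of `sample_installed`.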