When running
[root@host ~]# firewall-cmd --get-active-zones
[root@host ~]#
[root@host ~]# firewall-cmd --get-default-zone
public
I am not getting any active zones. How can I activate a zone?
Asked
Active
Viewed 2.3k times
12
giorgio79
- 1,747
- 9
- 25
- 36
3 Answers
10
You activate a zone by binding a network interface or source IP address range(s) to it. Any firewall rules in the zone then apply to that network interface or IP address range(s).
Michael Hampton
- 237,123
- 42
- 477
- 940
-
1I also had to restart the service. – giorgio79 Jan 13 '16 at 23:02
-
1You can do this via `firewall-cmd --permanent --zone=public --change-interface=eth0` (for example). – Jan 18 '17 at 12:59
-
3I think `--get-active-zones` should print the default zone as well. Maybe as `public (implicit) internal home` or whatever. – bviktor Mar 21 '17 at 18:17
-
1You need a `firewall-cmd --reload` after change interface command @negacao said to commit changes. – alizeyn May 07 '20 at 10:22
1
On a similar case, I took a peek with strace and realized, that FirewallD had somehow lost D-Bus access completely.
The easiest fix was to reboot the Linux. That helped and FirewallD saw active zones again.
Jari Turkia
- 274
- 2
- 5
0
I had the same question, except I had definitely had an interface in a zone. For me I had to restart the firewalld service.
