Output of iptables -L -v -n does not match firewall-cmd --list-all-zones.
Specifically, I'm looking for the forwarding rules I have in place for two virtual machines. They can be clearly seen with iptables.
[root@localhost ~]# iptables -S -v | grep 192.168
-A FORWARD -d 192.168.122.0/24 -i br0 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -c 160 12160 -j ACCEPT
-A FORWARD -s 192.168.122.0/24 -i virbr0 -o br0 -c 160 12160 -j ACCEPT
-A FORWARD -d 192.168.100.0/24 -i br0 -o virbr1 -m conntrack --ctstate RELATED,ESTABLISHED -c 110 8360 -j ACCEPT
-A FORWARD -s 192.168.100.0/24 -i virbr1 -o br0 -c 110 8360 -j ACCEPT
I cannot find this same info with firewall-cmd --list-all-zones.
[root@localhost ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: br0
sources:
services: ftp dhcpv6-client http ssh
ports: 5901/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
The other zones have even less info but I can display them if you wish to see.
I should be able to view these rules with firewall-cmd, correct? Or am I wrong to believe this? Or am I simply using the wrong firewall-cmd command? I've read through the manual for firewall-cmd and I can't seem to find the correct command if it exists.