I have a CentOS 7 machine where I am trying to add some custom firewall rules. I usually use firewalld, so I added them this way:
firewall-cmd --permanent --direct --add-chain ipv4 filter DOCKER-USER
# Add rules (see comments for details)
firewall-cmd --permanent --direct --add-rule ipv4 filter DOCKER-USER 0 -j REJECT -i eth0 -dport 27017
The direct.xml file looks like this:
<?xml version="1.0" encoding="utf-8"?>
<direct>
  <chain table="filter" ipv="ipv4" chain="DOCKER-USER"/>
  <rule priority="0" table="filter" ipv="ipv4" chain="DOCKER-USER">-j REJECT -i eth0 -dport 27017</rule>
</direct>
So far so good. But when I try reloading the rules, I get this error:
Error: COMMAND_FAILED: Direct: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.4.21: The -t option (seen in line 3) cannot be used in iptables-restore.
Reading this bug report, it looks like there's some inconsistency in a command-line parser somewhere, but I don't really understand where or why. What is going on? How can I add these rules using firewall-cmd?