Product Technical Learning / PTL-6464

RH254-304, Ch4, page 99. Example rich-rule is incorrect.

      Description: One of the example rich-rules for firewalld is incorrect (p99).

      # firewall-cmd --add-rich-rule='rule service name=ftp limit value=2/m accept'
      
      Allow two new connections to ftp per minute.
      

      I don't believe this does connection rate limiting. The limit rule is for limiting logging rate only.

      The example should be removed (since this is covered in the logging section) or modified to read:

      # firewall-cmd --add-rich-rule='rule service name=ftp log limit value="2/m" accept'
      
      Allow new connections for service ftp and log 2 per minute using syslog 
      

      Or simply replace with a different example, e.g.

      # firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.0.5" port port=8080 protocol=tcp accept'
      

              bsivasub@redhat.com Buvanesh Kumar
              mstonebank Michael Stonebank (Inactive)