RHEL-95705

Firewalld --timeout argument does not work for policies


    • Bug
    • Resolution: Unresolved
    • Major
    • rhel-10.0
    • firewalld
    • Moderate
    • rhel-net-firewall
    • ssg_networking
    • x86_64

      What were you trying to do that didn't work?

       

      I added a service in a policy with --timeout argument so that the service gets removed after the mentioned timeout value but instead it did not get removed after the timeout which is unexpected.

      What is the impact of this issue to you?

      This increases manual work in testing firewall rules or scenarios. Impact is none as we can add the rule normally and remove it after, but this is a bug.

       

      Please provide the package NVR for which the bug is seen:

      How reproducible is this bug?:

      Steps to reproduce

      1. firewall-cmd --permanent --new-policy test
        success 
      2. firewall-cmd --reload
        success
      3. # firewall-cmd --list-all-policies | grep -i -A15 test
        test
          priority: -1
          target: CONTINUE
          ingress-zones: 
          egress-zones: 
          services: 
          ports: 
          protocols: 
          masquerade: no
          forward-ports: 
          source-ports: 
          icmp-blocks: 
          rich rules: 
      4. # firewall-cmd --policy test --add-service https --timeout 5s
        success

      +++++++++++++++++++++++++++

      After 5s the service stays as it is.

       

      1. firewall-cmd --list-all-policies | grep -i -A15 test
        test
          priority: -1
          target: CONTINUE
          ingress-zones: 
          egress-zones: 
          services: https
          ports: 
          protocols: 
          masquerade: no
          forward-ports: 
          source-ports: 
          icmp-blocks: 
          rich rules: 

       

      Expected results

       

      Whatever rule I add with the --timeout value should get removed automatically after the timeout.

      Actual results

      The --timeout argument is not getting honored and the rule is staying even after the timeout value.
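
A regression check for the reproduction steps above, as an added example (not part of the original report or of firewalld). `policy_services` and `timed_entry_expired` parse `firewall-cmd --list-all-policies` output, and `check_policy_timeout` runs the timed add on a live host and removes the entry by hand if it outlived its timeout, so a temporary allowance is not left open. The function names and the 2-second grace period are assumptions.

```sh
#!/bin/sh
# Added example, not from the original report. Function names are hypothetical.

# policy_services POLICY
# Reads `firewall-cmd --list-all-policies` output on stdin and prints the
# value of the "services:" line inside the block of the named policy.
policy_services() {
    awk -v want="$1" '
        /^[^ \t]/ { in_policy = ($1 == want) }   # unindented line = policy name
        in_policy && $1 == "services:" {
            sub(/^[ \t]*services:[ \t]*/, "")
            print
            exit
        }'
}

# timed_entry_expired POLICY SERVICE
# Same stdin as above. Returns 0 if SERVICE is no longer listed, 1 if it is.
timed_entry_expired() {
    for svc in $(policy_services "$1"); do
        if [ "$svc" = "$2" ]; then
            return 1
        fi
    done
    return 0
}

# check_policy_timeout POLICY SERVICE SECONDS  (needs root and a running firewalld)
check_policy_timeout() {
    firewall-cmd --policy "$1" --add-service "$2" --timeout "${3}s" >/dev/null || return 2
    sleep "$(( $3 + 2 ))"   # assumed grace period of 2s past the timeout
    if firewall-cmd --list-all-policies | timed_entry_expired "$1" "$2"; then
        echo "PASS: $2 left policy $1 after ${3}s"
    else
        echo "FAIL: $2 still in policy $1 after ${3}s, removing it manually" >&2
        firewall-cmd --policy "$1" --remove-service "$2" >/dev/null
        return 1
    fi
}

# Example call on a test host: check_policy_timeout test https 5
```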

              egarver Eric Garver
              rhn-support-mmhatre Mithil Mhatre
              Eric Garver Eric Garver
              Tomas Dolezal Tomas Dolezal