firewalld.remove_interface
Remove an interface bound to a zone
New in version 2016.3.0
CLI Example:
salt '*' firewalld.remove_interface zone eth0
firewalld.add_port
Allow specific ports in a zone.
New in version 2015.8.0
CLI Example:
salt '*' firewalld.add_port internal 443/tcp
force_masquerade
when a zone is created ensure masquerade is also enabled
on that zone.
firewalld.make_permanent
Make current runtime configuration permanent.
New in version 2016.3.0
CLI Example:
salt '*' firewalld.make_permanent
firewalld.get_services
Print predefined services
CLI Example:
salt '*' firewalld.get_services
firewalld.add_rich_rule
Add a rich rule to a zone
New in version 2016.11.0
CLI Example:
salt '*' firewalld.add_rich_rule zone 'rule'
firewalld.get_sources
List sources bound to a zone
New in version 2016.3.0
CLI Example:
salt '*' firewalld.get_sources zone
firewalld.add_masquerade
Enable masquerade on a zone.
If zone is omitted, default zone will be used.
New in version 2015.8.0
CLI Example:
salt '*' firewalld.add_masquerade
To enable masquerade on a specific zone
salt '*' firewalld.add_masquerade dmz
firewalld.get_interfaces
List interfaces bound to a zone
New in version 2016.3.0
CLI Example:
salt '*' firewalld.get_interfaces zone
firewalld.remove_rich_rule
Add a rich rule to a zone
New in version 2016.11.0
CLI Example:
salt '*' firewalld.remove_rich_rule zone 'rule'
firewalld.get_zones
Print predefined zones
CLI Example:
salt '*' firewalld.get_zones
firewalld.default_zone
Print default zone for connections and interfaces
CLI Example:
salt '*' firewalld.default_zone
firewalld.version
Return version from firewall-cmd
CLI Example:
salt '*' firewalld.version
firewalld.get_service_ports
List ports of a service.
New in version 2016.11.0
CLI Example:
salt '*' firewalld.get_service_ports zone
firewalld.remove_source
Remove a source bound to a zone
New in version 2016.3.0
CLI Example:
salt '*' firewalld.remove_source zone 192.168.1.0/24
firewalld.set_default_zone
Set default zone
CLI Example:
salt '*' firewalld.set_default_zone damian
firewalld.add_source
Bind a source to a zone
New in version 2016.3.0
CLI Example:
salt '*' firewalld.add_source zone 192.168.1.0/24
firewalld.new_zone
Add a new zone
CLI Example:
salt '*' firewalld.new_zone my_zone
By default firewalld will be reloaded. However, to avoid reloading
you need to specify the restart as False
salt '*' firewalld.new_zone my_zone False
firewalld.remove_service_protocol
Remove a protocol from the specified service.
New in version 2016.11.0
CLI Example:
salt '*' firewalld.remove_service_protocol zone ssh
firewalld.remove_port_fwd
Remove Port Forwarding.
New in version 2015.8.0
CLI Example:
salt '*' firewalld.remove_port_fwd public 80 443 tcp
firewalld.new_service
Add a new service
CLI Example:
salt '*' firewalld.new_service my_service
By default firewalld will be reloaded. However, to avoid reloading
you need to specify the restart as False
salt '*' firewalld.new_service my_service False
firewalld.get_icmp_types
Print predefined icmptypes
CLI Example:
salt '*' firewalld.get_icmp_types
firewalld.add_interface
Bind an interface to a zone
New in version 2016.3.0
CLI Example:
salt '*' firewalld.add_interface zone eth0
firewalld.add_service
Add a service for zone. If zone is omitted, default zone will be used.
CLI Example:
salt '*' firewalld.add_service ssh
To assign a service to a specific zone:
salt '*' firewalld.add_service ssh my_zone
firewalld.add_port_fwd
Add port forwarding.
New in version 2015.8.0
CLI Example:
salt '*' firewalld.add_port_fwd public 80 443 tcp
force_masquerade
when a zone is created ensure masquerade is also enabled
on that zone.
firewalld.remove_service_port
Remove a port from the specified service.
New in version 2016.11.0
CLI Example:
salt '*' firewalld.remove_service_port zone 80
firewalld.remove_service
Remove a service from zone. This option can be specified multiple times.
If zone is omitted, default zone will be used.
CLI Example:
salt '*' firewalld.remove_service ssh
To remove a service from a specific zone
salt '*' firewalld.remove_service ssh dmz
firewalld.reload_rules
Reload the firewall rules, which makes the permanent configuration the new
runtime configuration without losing state information.
New in version 2016.11.0
CLI Example:
salt '*' firewalld.reload
firewalld.add_service_protocol
Add a new protocol to the specified service.
New in version 2016.11.0
CLI Example:
salt '*' firewalld.add_service_protocol zone ssh
firewalld.list_services
List services added for zone as a space separated list.
If zone is omitted, default zone will be used.
CLI Example:
salt '*' firewalld.list_services
List a specific zone
salt '*' firewalld.list_services my_zone
firewalld.remove_port
Remove a specific port from a zone.
New in version 2015.8.0
CLI Example:
salt '*' firewalld.remove_port internal 443/tcp
firewalld.remove_masquerade
Remove masquerade on a zone.
If zone is omitted, default zone will be used.
New in version 2015.8.0
CLI Example:
salt '*' firewalld.remove_masquerade
To remove masquerade on a specific zone
salt '*' firewalld.remove_masquerade dmz
firewalld.list_port_fwd
List port forwarding
New in version 2015.8.0
CLI Example:
salt '*' firewalld.list_port_fwd public
firewalld.get_masquerade
Show if masquerading is enabled on a zone.
If zone is omitted, default zone will be used.
CLI Example:
salt '*' firewalld.get_masquerade zone
firewalld.list_icmp_block
List ICMP blocks on a zone
New in version 2015.8.0
CLI Example:
salt '*' firewlld.list_icmp_block zone
firewalld.get_service_protocols
List protocols of a service.
New in version 2016.11.0
CLI Example:
salt '*' firewalld.get_service_protocols zone
firewalld.delete_zone
Delete an existing zone
CLI Example:
salt '*' firewalld.delete_zone my_zone
By default firewalld will be reloaded. However, to avoid reloading
you need to specify the restart as False
salt '*' firewalld.delete_zone my_zone False
firewalld.list_ports
List all ports in a zone.
New in version 2015.8.0
CLI Example:
salt '*' firewalld.list_ports
firewalld.list_zones
List everything added for or enabled in all zones
CLI Example:
salt '*' firewalld.list_zones
firewalld.allow_icmp
Allow a specific ICMP type on a zone
New in version 2015.8.0
CLI Example:
salt '*' firewalld.allow_icmp zone echo-reply
firewalld.delete_service
Delete an existing service
CLI Example:
salt '*' firewalld.delete_service my_service
By default firewalld will be reloaded. However, to avoid reloading
you need to specify the restart as False
salt '*' firewalld.delete_service my_service False
firewalld.block_icmp
Block a specific ICMP type on a zone
New in version 2015.8.0
CLI Example:
salt '*' firewalld.block_icmp zone echo-reply
firewalld.add_service_port
Add a new port to the specified service.
New in version 2016.11.0
CLI Example:
salt '*' firewalld.add_service_port zone 80
firewalld.list_all
List everything added for or enabled in a zone
CLI Example:
salt '*' firewalld.list_all
List a specific zone
salt '*' firewalld.list_all my_zone
firewalld.get_rich_rules
List rich rules bound to a zone
New in version 2016.11.0
CLI Example:
salt '*' firewalld.get_rich_rules zone