http://bugzilla.suse.com/show_bug.cgi?id=1104990 Bug ID: 1104990 Summary: firewalld cannot use NetworkManager interfaces Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Network Assignee: bnc-team-screening@forge.provo.novell.com Reporter: luizluca@tre-sc.jus.br QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Hello, Since firewalld upgraded to 0.6.0 (TW 20180812), it cannot use NetworkManager interfaces: # nmcli connection NAME UUID TYPE DEVICE xxxx a2e01b3f-1af6-498a-97ed-926c949c623d ethernet eno1 # nmcli connection show a2e01b3f-1af6-498a-97ed-926c949c623d | grep zone connection.zone: public # grep -i zone /etc/NetworkManager/system-connections/xxxx zone=public # grep -i zone /etc/sysconfig/network/ifcfg-eno1 ZONE=public Everything looks ok, but: # firewall-cmd --get-default-zone public # firewall-cmd --get-zone-of-interface=eno0 no zone # firewall-cmd --get-active-zones vms interfaces: vboxnet0 vboxnet1 # firewall-cmd --zone=public --add-interface=eno1 The interface is under control of NetworkManager and already bound to 'public' The interface is under control of NetworkManager, setting zone to 'public'. success In the end, I have no iptables rules for public zone. I downgraded to firewalld-0.5.3-lp150 from LEAP15. Now it works: # firewall-cmd --get-active-zones public interfaces: eno1 vms interfaces: vboxnet0 vboxnet1 Even through, this still (since always?) fails # firewall-cmd --get-zone-of-interface=eno0 no zone -- You are receiving this mail because: You are on the CC list for the bug.