On Tue, Apr 25, 2023 at 11:02 AM Carlos E. R. <robin.listas@telefonica.net> wrote:
With SuSEfirewalld I used this rule:
FW_TRUSTED_NETS=192.168.1.15,tcp,smtp \ 192.168.1.15,tcp,ftp 192.168.1.15,tcp,ftp-data \ 192.168.1.15,udp,syslog 192.168.1.15,tcp,514 \ 192.168.1.15,udp,6666 192.168.1.15,icmp \ 192.168.1.15,tcp,nfs 192.168.1.15,udp,sunrpc"
Which allowed those ports only if coming from that machine.
And goalposts have been shifted again. First you wanted ports open to LAN but not WAN. Next you wanted ports open to WAN and LAN. And now you want ports opened to one specific address only.
I'd like to know if there is a similar trick with firewalld.
Yes.
However, even if it exists, on IPv6 the address used to enter is not one, but several, and the prefix changes.
You apparently indulge in beating the dead horse. Anybody forces you to use IPv6 at all? They took away IPv4 and it is no longer functional?