On 24.04.2023 13:47, Carlos E. R. wrote:
Beta:/etc/firewalld/zones # firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv6" source mac="...:d4" reject' success Beta:/etc/firewalld/zones # firewall-cmd --list-rich-rules
Beta:/etc/firewalld/zones # less public.xml
Beta:/etc/firewalld/zones # firewall-cmd --reload Error: Message recipient disconnected from message bus without replying Beta:/etc/firewalld/zones #
In Tumbleweed it works correctly. In Leap 15.4 with default nftables backend firewalld gets "unsupported family" and aborts. It does not happen in firewalld itself, but rather in supporting library used by firewalld. It works when using iptables backend. Apparently nobody tried to define ipv6 rules so far in Leap.