I am building a new server and I am using Firewalld for the first time.
I have a load balancer that takes public IP requests and routes them to one of my servers with internal IPs.
These servers have both public and private IPs.
Access to the public IPs is restricted to one IP, and that works.
What I am trying to do is allow all requests to 192.168.194.138 to have access to all ports.
I have tried creating a service /etc/firewalld/services/internalIP.xml and have added the service to the trusted zone, but it does not make a difference.
I cannot access 192.168.194.138 unless I disable Firewalld.
My public IP is on eth0 and my private IP is on eth0:1.
This is internalIP.xml:
<?xml version="1.0" encoding="utf-8"?>
<service>
  <description>Allow all on non-routable ip</description>
  <destination ipv4="192.168.194.138" />
</service>
These are my zones:
firewall-cmd --zone=public --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: dhcpv6-client ssh
  ports: 220/tcp 10016/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
and
firewall-cmd --zone=trusted --list-all
trusted (active)
  target: ACCEPT
  icmp-block-inversion: no
  interfaces:
  sources: 67.my.ip
  services: internalIP
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
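As an added diagnostic (not part of the question and not firewalld's own tooling), the following Python parses the zone listings and service file quoted above and reports why packets to 192.168.194.138 are not accepted; the zone text is reconstructed from the post and trimmed to the fields the checker uses.

```python
import xml.etree.ElementTree as ET

# Constructed from the zone listings and internalIP.xml quoted in the question.
ZONES_TEXT = """public (active)
  target: default
  interfaces: eth0
  sources:
  services: dhcpv6-client ssh
  ports: 220/tcp 10016/tcp
trusted (active)
  target: ACCEPT
  interfaces:
  sources: 67.my.ip
  services: internalIP
  ports:
"""
SERVICE_XML = """<service>
  <description>Allow all on non-routable ip</description>
  <destination ipv4="192.168.194.138" />
</service>"""

def parse_zones(text):
    """Parse `firewall-cmd --zone=X --list-all` output into {zone: {field: [values]}}."""
    zones, cur = {}, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line.startswith(" "):  # zone header such as "public (active)"
            cur = zones.setdefault(line.split()[0], {})
        elif cur is not None:
            key, _, val = line.strip().partition(":")
            cur[key] = val.split()
    return zones

def diagnose(zones_text, service_xml, svc_name, dest_ip, iface):
    """Explain why traffic to dest_ip arriving on iface is not accepted."""
    zones, svc, findings = parse_zones(zones_text), ET.fromstring(service_xml), []
    # A service matches traffic only through its <port>/<protocol> entries;
    # <destination> narrows those entries, so with neither it opens nothing.
    if svc.find("port") is None and svc.find("protocol") is None:
        findings.append(f"service {svc_name} has no <port>/<protocol>: it permits no traffic")
    for name, z in zones.items():
        # eth0:1 is only an alias label; packets to dest_ip arrive on iface and take its zone.
        if iface in z.get("interfaces", []) and z.get("target") != ["ACCEPT"]:
            findings.append(f"packets to {dest_ip} on {iface} land in zone {name}, which only "
                            f"allows services {z['services']} and ports {z['ports']}")
        # A zone bound by source addresses applies only to packets from those sources.
        if svc_name in z.get("services", []) and z.get("sources"):
            findings.append(f"zone {name} holds {svc_name} but only for sources {z['sources']}")
    return findings
```

The findings point at the public zone, which is where everything arriving on eth0 is classified; an allow entry there (a port, a service with ports, or a rich rule with a destination address) is what governs the private IP, not a destination-only service in a zone restricted to one source.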