Wednesday, 27 November 2013

Firewalld Configuration File for Avahi

This post is part of my ongoing project to create an Avahi configuration package for Pidora Linux. My last post detailed the release of version 0.1 of this project.

Although Pidora 18 contains the command for iptables, it uses the new firewalld program.

This program uses preconfigured "zones" to manage firewall rules. As a service is installed, it is made "firewalld aware". This is the case with both SSH and MDNS. Both services have been added to the "public" zone which is used by default on the Pi's eth0 interface. I found this out by issuing the following command: firewall-cmd --get-active-zone
The zone files are located in /usr/lib/firewalld/zones/

I have tested and found the MDNS has added its own rule into the IN_ZONE_public_allow Chain:
17  7657 ACCEPT     udp  --  *      *            udp dpt:5353 ctstate NEW
This makes the automatic configuration of firewalls much simpler on the Pi.

I am very impressed with the behaviour of these pieces of software as they take steps to make software work right out of the box (also makes my job much easier)!


Post a Comment