I have a SUSE 15.2 operating system. I setup a rich-rules to deny icmp ping from the external network.
firewall-cmd --add-rich-rule=‘rule protocol value=icmp reject’ --permanent --zone=dmz
When the machine is reboot, I had to run the command “firewall-cmd --reload” for the rich-rules to be enforce again.
On OPENSUSE 15.4 and 15.5, the rich-rules was enforced if the machine is rebooted.
Looking for anyone know of a workaround or if this is a bug in 15.2 and fixed in 15.4 or 15.4 firewalld.
I hope you are aware of the fact that 15.2 and even 15.4 are out of support for some time already. Thus not many people will have such a system available to try and reproduce your problem. They have to depend complete on their memory and look back three/four years and try to remember what software was used in those times.
Hello Macolm,
I used icmp (ping) rule as an example. On SUSE 15.2, if I setup any rich-rules on this OS 15.2, the rule does not enforce after a reboot. If I run the command to add rich-rules for “ssh” service, this service can still be accessible remotely until I ran the command “firewall-cmd --reload”.
On SUSE 15.4 and 15.5, it enforced the rich-rules after a reboot.