Subclass of CIM_SettingData
A firewall zone defines the trust level of the interface used for a connection. Features that are enabled in the zone are associated with the instance of this class via LMI_FirewalldZoneComponent.
boolean Masquarade
Enable masquerading for the firewall zone.
This option is not usable for IPv6.
uint16 Target
Target defines the policy for handling packets that don’t match any rule associated with this instance.
The ACCEPT target accepts every packet that doesn’t match any rule.
The REJECT target rejects all packets that don’t match any rule, using the default firewalld reject type.
The DROP target drops all non-matching packets without any reply to the sender.
The default behavior when no target is specified is to reject the packets.

| ValueMap | Values |
|---|---|
| 0 | No Target |
| 1 | Accept |
| 2 | Reject |
| 3 | Drop |
string Version
Version of the zone.
string Name
Name of the zone.
string Description
Description of the zone.
uint32 AddService (LMI_FirewalldService Service, uint16 Mode)
Allow an existing firewalld service in the zone.
Parameters
- IN LMI_FirewalldService Service
- Service that will be allowed.
- IN uint16 Mode
- Determines whether the service is enabled in the current runtime configuration only, applied after all future reboots (or reconfigurations), or both.

| ValueMap | Values |
|---|---|
| 0 | Current |
| 1 | Permanent |
| 2 | Both |
uint32 AddICMPBlock (LMI_FirewalldICMPType ICMPType, uint16 Mode)
Block given Internet Control Message Protocol (ICMP) packets in the zone.
Parameters
- IN LMI_FirewalldICMPType ICMPType
- Type of ICMP packet that will be blocked.
- IN uint16 Mode
- Determines whether the ICMP type is blocked in the current runtime configuration only, applied after all future reboots (or reconfigurations), or both.

| ValueMap | Values |
|---|---|
| 0 | Current |
| 1 | Permanent |
| 2 | Both |
uint32 AddRichRule (uint16 Mode, LMI_FirewalldRichRule RichRule)
Add a rich rule to the zone configuration. Rich rules extend the current zone elements (service, port, icmp-block, masquerade and forward-port) with additional source and destination addresses, logging, actions, and limits for logs and actions.
Parameters
- IN uint16 Mode
- Determines whether the rich rule is added to the current runtime configuration only, applied after all future reboots (or reconfigurations), or both.

| ValueMap | Values |
|---|---|
| 0 | Current |
| 1 | Permanent |
| 2 | Both |

- OUT LMI_FirewalldRichRule RichRule
- Instance of LMI_FirewalldForwardPort class that represents that given port (or range of ports) is allowed in the given zone.
uint32 AddPort (uint16 Port, uint16 Protocol, uint16 Mode, LMI_FirewalldPort FirewalldPort)
Allow the traffic on given port and protocol. Range of ports can be allowed by setting PortRangeEnd property of LMI_FirewalldPort instance returned from this method.
Parameters
- IN uint16 Port
- Port to be allowed in the given zone.
- IN uint16 Protocol
- Allow traffic using the given protocol.

| ValueMap | Values |
|---|---|
| 1 | TCP |
| 2 | UDP |

- IN uint16 Mode
- Determines whether the port is enabled in the current runtime configuration only, applied after all future reboots (or reconfigurations), or both.

| ValueMap | Values |
|---|---|
| 0 | Current |
| 1 | Permanent |
| 2 | Both |

- OUT LMI_FirewalldPort FirewalldPort
- Instance of LMI_FirewalldPort class that represents that given port (or range of ports) is allowed in the given zone.
uint32 AddForwardPort (uint16 Port, uint16 Protocol, uint16 Mode, LMI_FirewalldForwardPort ForwardPort)
Enable port forwarding in the zone. Other properties of the port forwarding can be set by modification of LMI_FirewalldForwardPort instance returned from this method.
Parameters
- IN uint16 Port
- Port to be forwarded. By default, the port is forwarded to itself on the same machine. Modify the returned instance of LMI_FirewalldForwardPort to set the destination address and/or the destination port.
- IN uint16 Protocol
- Forward traffic on the given protocol.

| ValueMap | Values |
|---|---|
| 1 | TCP |
| 2 | UDP |

- IN uint16 Mode
- Determines whether the port forwarding is enabled in the current runtime configuration only, applied after all future reboots (or reconfigurations), or both.

| ValueMap | Values |
|---|---|
| 0 | Current |
| 1 | Permanent |
| 2 | Both |

- OUT LMI_FirewalldForwardPort ForwardPort
- Instance of LMI_FirewalldForwardPort class that represents that given port (or range of ports) is allowed in the given zone.
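
The Mode and Target value maps above decide what a zone actually enforces now and after a reboot. The following added example (not code from the OpenLMI project) models them locally to flag a permissive target and runtime/permanent drift. `ZoneModel`, `add_port`, `effective_target` and `audit` are hypothetical names, and nothing here calls firewalld or the provider.

```python
# Added illustration: a local model of the Mode and Target value maps on this
# page. It does not talk to firewalld or to the OpenLMI provider.
MODE_CURRENT, MODE_PERMANENT, MODE_BOTH = 0, 1, 2
TARGETS = {0: "No Target", 1: "Accept", 2: "Reject", 3: "Drop"}
PROTOCOLS = {1: "tcp", 2: "udp"}


class ZoneModel:
    """Hypothetical stand-in for one zone; not the LMI_FirewalldZone class."""

    def __init__(self, name, target=0):
        if target not in TARGETS:
            raise ValueError(f"unknown Target value {target}")
        self.name, self.target = name, target
        self.runtime, self.permanent = set(), set()

    def add_port(self, port, protocol, mode):
        """Mirror AddPort's Mode handling: 0 runtime, 1 permanent, 2 both."""
        if not 0 <= port <= 0xFFFF or protocol not in PROTOCOLS:
            raise ValueError("Port must fit uint16 and Protocol must be 1 or 2")
        if mode not in (MODE_CURRENT, MODE_PERMANENT, MODE_BOTH):
            raise ValueError(f"unknown Mode value {mode}")
        entry = (port, PROTOCOLS[protocol])
        if mode != MODE_PERMANENT:
            self.runtime.add(entry)
        if mode != MODE_CURRENT:
            self.permanent.add(entry)
        return entry

    def effective_target(self):
        # Per the page, packets are rejected when no target is specified.
        return "Reject" if self.target == 0 else TARGETS[self.target]

    def audit(self):
        """Return review findings: permissive target and runtime/permanent drift."""
        findings = []
        if self.effective_target() == "Accept":
            findings.append(f"{self.name}: non-matching packets are accepted")
        for port, proto in sorted(self.runtime - self.permanent):
            findings.append(f"{self.name}: {port}/{proto} is runtime-only, gone after reboot")
        for port, proto in sorted(self.permanent - self.runtime):
            findings.append(f"{self.name}: {port}/{proto} is permanent-only, not active yet")
        return findings


if __name__ == "__main__":
    zone = ZoneModel("public")            # constructed sample zone
    zone.add_port(22, 1, MODE_BOTH)
    zone.add_port(8080, 1, MODE_CURRENT)
    zone.add_port(53, 2, MODE_PERMANENT)
    print("\n".join(zone.audit()))
```
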