How to delete "--reject-with icmp-host-prohibited" firewall rule using firewalld?

Hello, all.
This is rather a RHEL7/CentOS7 question than an OpenStack one.

I've installed OpenStack Icehouse on CentOS7 in the typical 3-role manner (controller/NetworkGateway/Compute).
In order for a virtual instance to get an address from the DHCP server in NetworkGateway, I have to delete the following iptables rule from NetworkGateway.

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

At least, removing the above firewall rule worked for RHEL6/CentOS6.

Now, I don't know how to remove this rule.
Yes, using iptables instead of firewalld is easier, but how can you remove it using firewalld? Or are you using iptables in CentOS7/RHEL7?