core: install a firewalld zone for connection sharingbg/shared-firewalld

https://bugzilla.redhat.com/show_bug.cgi?id=1829637
author: Beniamino Galvani <bgalvani@redhat.com> 2020-05-05 10:54:10 +0200
committer: Beniamino Galvani <bgalvani@redhat.com> 2020-05-06 11:40:41 +0200
commit: 426f0b60ec12dab0b1df12b44e598a62c943c94c (patch)
tree: 88bfe075387df2a96e41efd9513328990525f779 /data/nm-shared.xml
parent: 05fd2a9272faf8a57116d1624e1a32b4aa9f2994 (diff)
download: NetworkManager-bg/shared-firewalld.tar.gz
1 files changed, 20 insertions, 0 deletions
diff --git a/data/nm-shared.xml b/data/nm-shared.xml
new file mode 100644
index 0000000000..25e9cd8636
--- /dev/null
+++ b/data/nm-shared.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="utf-8"?>
+<zone target="ACCEPT">
+  <short>NM Shared</short>
+
+  <description>
+    Zone for NetworkManager connection sharing. Block all traffic to
+    the local machine except ICMPv6, DHCP, ICMPv6 and DNS. Allow all
+    forwarded traffic.
+  </description>
+
+  <rule priority='32767'>
+    <reject/>
+  </rule>
+
+  <protocol value='icmp'/>
+  <protocol value='ipv6-icmp'/>
+  <service name="dhcp"/>
+  <service name="dns"/>
+  <masquerade/>
+</zone>
author	Beniamino Galvani <bgalvani@redhat.com>	2020-05-05 10:54:10 +0200
committer	Beniamino Galvani <bgalvani@redhat.com>	2020-05-06 11:40:41 +0200
commit	426f0b60ec12dab0b1df12b44e598a62c943c94c (patch)
tree	88bfe075387df2a96e41efd9513328990525f779 /data/nm-shared.xml
parent	05fd2a9272faf8a57116d1624e1a32b4aa9f2994 (diff)
download	NetworkManager-bg/shared-firewalld.tar.gz