> Oh, I did not realize the services recognized by firewalld is limited.
It's not limited however it ships with a handful of common predefined services for convenience. You can find them in `/usr/lib/firewalld/services` and use them as a template and create one for `ws-discovery` if you like. Here is an example one you could place in `/etc/firewalld/services/ws-discovery.xml` which would allow you to refernece `ws-discovery` in future rules. ``` <?xml version="1.0" encoding="utf-8"?> <service> <short>ws-discovery</short> <description>Web Services Dynamic Discovery</description> <port port="3702" protocol="tcp"/> <port port="3702" protocol="udp"/> </service> ``` Reference: https://firewalld.org/documentation/howto/add-a-service.html -- Cody Robertson Chief Technical Officer, Hawk Host Inc. [email protected] On Wed, Dec 8, 2021, at 4:23 PM, Neil Aggarwal wrote: > Oh, I did not realize the services recognized by firewalld is limited. > > I used the port rule and it seems to be working. Thanks for the help! > > Neil > > -- > Neil Aggarwal, (972) 834-1565, http://www.propfinancing.com > We offer 30 year loans on single family houses! > > *From:* Jonathan Wright [mailto:[email protected]] > *Sent:* Wednesday, December 8, 2021 2:50 PM > *Cc:* [email protected] > *Subject:* [AlmaLinux Users] Re: Error: ws-discovery is an invalid service > > I don't think this is something included in the predefined firewalld > service rules. ie: > > firewall-cmd --get-services > > You should probably just make a rule for the port instead of using the > service name. > > On Wed, Dec 8, 2021 at 2:37 PM Neil Aggarwal <[email protected]> wrote: >> Hello all: >> >> I am seeing packets to port 3702 in my firewall log so I wanted >> to add a rule to drop them silently. >> >> I tried this command: >> firewall-cmd --permanent --add-rich-rule='rule service name=ws-discovery >> drop' >> >> Which give me this message: >> success >> >> But, when I do >> systemctl restart firewalld >> >> I see this entry in the log: >> ERROR: INVALID_SERVICE: ws-discovery >> >> That is strange. Any idea what went wrong? >> >> Thank you, >> Neil >> >> -- >> Neil Aggarwal, (972) 834-1565, http://www.propfinancing.com >> We offer 30 year loans on single family houses! >> >> _______________________________________________ >> AlmaLinux Users mailing list -- [email protected] >> To unsubscribe send an email to [email protected] > > > -- > Jonathan Wright > AlmaLinux Foundation > Mattermost: chat <https://chat.almalinux.org/almalinux/messages/@jonathan> > _______________________________________________ > AlmaLinux Users mailing list -- [email protected] > To unsubscribe send an email to [email protected]
