firewalld 問題整理
AllowZoneDrifting is enabled.
- 出現 AllowZoneDrifting is enabled.
[root@ex-ap test]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: active (running) since Sun 2022-02-13 09:58:54 CST; 2s ago
Docs: man:firewalld(1)
Main PID: 7200 (firewalld)
Tasks: 2
CGroup: /system.slice/firewalld.service
└─7200 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid
Feb 13 09:58:53 ex-ap systemd[1]: Starting firewalld - dynamic firewall daemon...
Feb 13 09:58:54 ex-ap systemd[1]: Started firewalld - dynamic firewall daemon.
Feb 13 09:58:54 ex-ap firewalld[7200]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It wil... it now.
Hint: Some lines were ellipsized, use -l to show in full.
- 解決方式
修改 /etc/firewalld/firewalld.conf 中的 AllowZoneDrifting 參數改為 no
修改完成後重起firewalld