How to reset firewalld rules to Fedora default?

sampsonf · March 9, 2021, 12:55pm

I want to reset the rules to Fedora default and start over.

Please help.

Thanks in advance!

vgaetera · March 9, 2021, 1:29pm

sudo mv /etc/firewalld{,.bak}
sudo dnf reinstall firewalld

sampsonf · March 9, 2021, 1:32pm

That one works on Fedora Workstation.

How about on Silverblue?

ersen · March 9, 2021, 1:35pm

Assuming your active zone is FedoraWorkstation:

firewall-cmd --load-zone-defaults=FedoraWorkstation --permanent
firewall-cmd --reload

sampsonf · March 9, 2021, 2:01pm

firewall-cmd --load-zone-defaults=FedoraWorkstation --permanent

Error: NO_DEFAULTS: FedoraWorkstation

ersen · March 9, 2021, 2:35pm

From the man page:

--permanent --load-zone-defaults=zone
    Load zone default settings or report NO_DEFAULTS error.

Did you made any changes to the FedoraWorkstation zone? With the default configuration, I get the same error, but after adding some services, it works fine. I tried it with Fedora Workstation (not Silverblue)

vgaetera · March 9, 2021, 2:48pm

@SampsonF, perhaps you should create a separate thread how to reinstall a package in Silverblue.

@ersen, unfortunately that method is not so reliable:

Possibly altered service definitions, direct rules, IP sets, etc. require manual rollback.
File ownership/permissions and SELinux labels may be incorrect.
Firewalld own service config may be customized.
RPM scripts may need to be reapplied.

sampsonf · March 9, 2021, 3:00pm

Done.

Yes, for those zones with modifications, I got a success return. For those I do not change, I got the error return.