man firewall-cmd says that to add a rich rule I have to issue command:
[--permanent] [--zone=zone] [--permanent] [--policy=policy] --add-rich-rule='rule' [--timeout=timeval]
Add rich language rule 'rule'.
Is my understanding correct that ‘rule’ is for example the following?
rule family="ipv6" source address="1:2:3:4:6::" service name="radius" log prefix="dns" level="info" limit value="3/m" reject
But when I remove this rule, do I have to supply its whole definition as above again? I.e:
firewall-cmd --permanent --policy=somepolicy --remove-rich-rule='rule family="ipv6" source address="1:2:3:4:6::" service name="radius" log prefix="dns" level="info" limit value="3/m" reject'