Centos7 linux系统-firewalld解决keepalived的VIP问题防火墙vrrp

admin

firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface em1 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
6 R  z' F& B% w6 J0 E' T' F
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens3 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
* O  u# ~- e2 ~% i1 n firewall-cmd --reload
2 S+ ^" J. P% q$ v) z  ?1 x/ _) S9 a firewall-cmd --direct --get-all-rules
" g3 U. }7 x' Z+ Y0 z
7 I0 F2 z% D. e9 T" ?7 P" }* U# e

- U: K$ [8 s1 L7 @7 ]* ]

keepalived的VIP问题

firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens33 --destination 224.0.0.18 --protocol vrrp -j ACCEPT

+ g1 f( S% h4 k8 @" {

admin

[root@controller1 ~]# firewall-cmd --direct --get-all-rules
. ^3 J# z/ l4 bipv4 filter INPUT 0 --in-interface em1 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
' ~' L7 T8 |! b# D( r, w6 L* m, Fipv4 filter INPUT 0 --in-interface ens3 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
7 O& {4 S" K' u, n5 s[root@controller1 ~]#

# _- q& e. B7 R+ T" r+ g vim /etc/firewalld/direct.xml