
Lost SSH Connection after Changing the Default Zone (Firewalld) in OL7

Applies to:
Linux OS - Version Oracle Linux 7.0 and later

Symptoms:
Unable to connect to instance via ssh

Changes:
The issue started after creating a new zone in firewalld and setting it as the default zone:

[root@localhost ~]# firewall-cmd --get-default-zone
public
[root@localhost ~]# firewall-cmd --new-zone=newzone --permanent
success
[root@localhost ~]# firewall-cmd --set-default-zone=newzone
success
[root@localhost ~]# firewall-cmd --reload
success

Cause:
When a new zone is created and then set as the default zone, it has no services configured to be allowed:

[root@localhost ~]# firewall-cmd --get-default-zone
newzone
[root@localhost ~]# firewall-cmd --zone=newzone --list-all
newzone (active)
target: default
icmp-block-inversion: no
interfaces: ens3
sources:
services:     <------  ssh service is not listed
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
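
A pre-flight check for the situation above, as an added example that is not part of the original article: it parses `firewall-cmd --list-all` output and refuses to switch the default zone unless that zone allows SSH. The function names and sample outputs are constructed, and it assumes sshd listens on 22/tcp and that rich rules, port ranges and non-default targets are not in use.

```shell
#!/bin/sh
# zone_allows_ssh: reads `firewall-cmd --zone=<zone> --list-all` output on stdin.
# Returns 0 if "services:" lists ssh or "ports:" lists 22/tcp (assumed sshd port).
zone_allows_ssh() {
    awk '
        $1 == "services:" { for (i = 2; i <= NF; i++) if ($i == "ssh") ok = 1 }
        $1 == "ports:"    { for (i = 2; i <= NF; i++) if ($i == "22/tcp") ok = 1 }
        END { exit !ok }
    '
}

# Hypothetical wrapper: only change the default zone if SSH would survive it.
# A zone created with --permanent but not yet reloaded is also refused,
# because it does not exist in the runtime configuration yet.
set_default_zone_safely() {
    zone=$1
    if firewall-cmd --zone="$zone" --list-all 2>/dev/null | zone_allows_ssh; then
        firewall-cmd --set-default-zone="$zone"
    else
        echo "refusing: zone '$zone' does not allow ssh; add it first:" >&2
        echo "  firewall-cmd --permanent --zone=$zone --add-service=ssh" >&2
        echo "  firewall-cmd --reload" >&2
        return 1
    fi
}

# Constructed sample outputs (not captured from a real host).
sample_empty_zone() {
    printf '%s\n' 'newzone (active)' '  target: default' \
        '  interfaces: ens3' '  services: ' '  ports: ' '  rich rules: '
}
sample_public_zone() {
    printf '%s\n' 'public (active)' '  target: default' \
        '  interfaces: ens3' '  services: dhcpv6-client ssh' '  ports: '
}

# Offline demonstration on the constructed samples.
for s in sample_public_zone sample_empty_zone; do
    if $s | zone_allows_ssh; then
        echo "$s: ssh allowed"
    else
        echo "$s: ssh BLOCKED"
    fi
done
```

On a host, call `set_default_zone_safely newzone` from a console session in place of a bare `firewall-cmd --set-default-zone=newzone`.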
