0

I've been playing with Firewalld and I was wondering about how it does to order rules with the same priority.

According to the documentation, it says that there is no guarantee that rules with the same priority will be inserted in the wanted order.

The priority is used to order rules. Priority 0 means add rule on top of the chain, with a higher priority the rule will be added further down. Rules with the same priority are on the same level and the order of these rules is not fixed and may change. If you want to make sure that a rule will be added after another one, use a low priority for the first and a higher for the following.

From the official documentation

However, so far, every rule I added with --add-rule has been added in the order ordered I wanted. In other words, adding the rules in the order wanted seems to keep them in the wanted order.

Therefore, is it wrong to assume that by adding rules in a specific order, they will be kept in that order? If not, is there a way to keep rules with the same priority in a wanted order? (I'm talking about direct rules)

ATrashInTheWorld
  • 1
  • 1
  • 1
  • The text you quoted answers both of your questions. – Michael Hampton Sep 30 '20 at 18:53
  • I really can't see how? If I want, let's say, a subnet, to have a higher priority that his parent subnet, I would need to add another priority for it in order to make it works, no matter that I add it in in the right order, no? – ATrashInTheWorld Sep 30 '20 at 18:54
  • Yes, that's why the priority exists! So that you can control the order. – Michael Hampton Sep 30 '20 at 19:04
  • That I understand, but what if I add a rule with priority 0 and later on another one with priority 0 again. What guarantees me that the second rule will be placed after the first rule. According to the documentation, nothing seems to guarantee that the rules will be in the order added. The way they make it seem is as if the second rule may have a chance to be placed before the first added one. Hence my question, is there a way to make it that the rules with the same priorities are kept in the order added? – ATrashInTheWorld Sep 30 '20 at 19:10
  • Exactly. Nothing guarantees ordering of rules with the same priority. You use the priority to set the order to what you want. If you want a specific order, you use a different priority. This is exactly what it said. – Michael Hampton Sep 30 '20 at 19:21
  • I see, I thought that maybe there was a way out of if. Alright, thank you for your confirmation – ATrashInTheWorld Sep 30 '20 at 19:30
  • The priority IS the way out of it. – Michael Hampton Sep 30 '20 at 19:31

0 Answers0