Firewalld overwrites the existing .xml with new .xml after enabling Log Denied Options

Solution Verified - Updated -


  • Adding logging for reject/drop connection is deleting firewalld rules.
  • firewalld changes the behaviours after executing --set-log-denied=all.
  • firewalld replacing old rules once logging is enabled.


  • Red Hat Enterprise Linux 7.4 (RHEL 7.4)
  • firewalld-

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In