From 7fcfce31a1a88a130f089e9aaf0610c16fc85826 Mon Sep 17 00:00:00 2001
From: Milan Lysonek
Date: Thu, 1 Aug 2024 16:06:04 +0200
Subject: [PATCH] firewalld_sshd_port_enabled add zone to all connections
---
 .../ssh_server/firewalld_sshd_port_enabled/ansible/shared.yml | 2 +-
 .../ssh/ssh_server/firewalld_sshd_port_enabled/bash/shared.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/ansible/shared.yml
index 7b0bda3f10c4..6609c08723c3 100644
--- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/ansible/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/ansible/shared.yml
@@ -22,7 +22,7 @@ block:
 - name: '{{{ rule_title }}} - Collect NetworkManager connections names'
 ansible.builtin.shell:
- cmd: nmcli -f UUID,TYPE con | grep ethernet | awk '{ print $1 }'
+ cmd: nmcli -g UUID,TYPE con | grep -v loopback | awk -F ':' '{ print $1 }'
 register: result_nmcli_cmd_connections_names
 changed_when: false
diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/bash/shared.sh
index 10d14ec7d79a..5b39a4b3fdb1 100644
--- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/bash/shared.sh
+++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/bash/shared.sh
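Review bot: The new `cmd:` pipeline in ansible/shared.yml still takes its exit status from the trailing `awk`, so a failing `nmcli` (NetworkManager stopped, for instance) registers an empty list with rc 0 and the zone assignment that consumes it would presumably be skipped without any error. Folding the filter into awk tests the TYPE field itself and drops the `grep` stage, whose non-zero exit on "no match" is what makes `pipefail` awkward here: `cmd: nmcli -g UUID,TYPE con | awk -F ':' '$2 != "loopback" { print $1 }'`. With that form `set -o pipefail` can be prepended wherever the task's shell supports it. The same pipeline sits inside the process substitution on the `readarray` line of bash/shared.sh, which hides the exit status as well. The task list continues outside the hunk, so a later guard on an empty result cannot be ruled out from here.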
@@ -20,7 +20,7 @@ else
 firewall-cmd --zone="$firewalld_sshd_zone" --add-service=ssh
 # This will collect all NetworkManager connections names
- readarray -t nm_connections < <(nmcli -f UUID,TYPE con | grep ethernet | awk '{ print $1 }')
+ readarray -t nm_connections < <(nmcli -g UUID,TYPE con | grep -v loopback | awk -F ':' '{ print $1 }')
 # If the connection is not yet assigned to a firewalld zone, assign it to the proper zone.
 # This will not change connections which are already assigned to any firewalld zone.
 for connection in "${nm_connections[@]}"; do
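Review bot: The comment above the `readarray` line still says it collects connection names, but the command emits UUIDs, and after this change it does so for every non-loopback profile rather than ethernet only. Each profile without a zone is then, per the following comment, assigned to a zone, presumably the one that received `--add-service=ssh` a few lines earlier, so the wider selection (wireless, VPN and similar types) should be stated where a maintainer will see it, e.g. `# Collect the UUIDs of all NetworkManager connection profiles except loopback (any type, not only ethernet)`. The `for` loop body lies outside the hunk.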