Firewalld
From Gentoo Wiki
Firewalld is D-Bus-enabled firewall software for Linux, which works on top of the in-kernel iptables firewall. It was created by Red Hat, but it is available on many Linux distributions, including Gentoo, where it is packaged as net-firewall/firewalld.
From the project homepage:
- Firewalld provides a dynamically managed firewall with support for network/firewall zones that define the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings, ethernet bridges and IP sets. There is a separation of runtime and permanent configuration options. It also provides an interface for services or applications to add firewall rules directly.
Its documentation is available on the project website in HTML format.
USE flags
USE flags for net-firewall/firewalld: Firewall daemon with D-Bus interface providing a dynamic firewall

| USE flag | Description |
|---|---|
| +iptables | Add support for net-firewall/iptables as firewall backend |
| +nftables | Add support for net-firewall/nftables as firewall backend |
| gui | Enable support for a graphical user interface |
| selinux | !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur |
| test | Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently) |
Configuration
Configuration may be modified with firewall-cmd; changes made this way will remain in effect only until the service is restarted. To persist changes, either:
- Run the following after firewalld is in the desired state:
root # firewall-cmd --runtime-to-permanent
or:
- Include the --permanent flag with a given command. Running a reload will be required for the changes with --permanent to take effect:
root # firewall-cmd --reload
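A check that follows from the runtime/permanent split described above, as an added example that is not part of the original wiki page: it reports services and ports that exist only in the runtime configuration (lost on restart unless saved) or only in the permanent configuration (inactive until a reload). The names fw_list, fw_drift and the FWCMD variable are assumptions of this example.

```shell
#!/bin/sh
# Added example: report drift between firewalld's runtime and permanent
# configuration for one zone.
# FWCMD is an assumption of this example; it lets the command be replaced
# by a stub so the logic can be exercised without a running firewalld.
FWCMD="${FWCMD:-firewall-cmd}"

# fw_list <runtime|permanent> <zone> <list-option>
# Prints the queried items one per line, sorted and de-duplicated.
fw_list() {
    if [ "$1" = permanent ]; then
        "$FWCMD" --permanent --zone="$2" "$3"
    else
        "$FWCMD" --zone="$2" "$3"
    fi | tr -s ' ' '\n' | sed '/^$/d' | sort -u
}

# fw_drift <zone>
# Returns 0 when runtime and permanent agree, 1 when they differ.
fw_drift() {
    zone="$1"
    drift=0
    for opt in --list-services --list-ports; do
        run=$(fw_list runtime "$zone" "$opt")
        perm=$(fw_list permanent "$zone" "$opt")
        # Present at runtime only: gone after a restart unless
        # saved with --runtime-to-permanent.
        for item in $run; do
            printf '%s\n' "$perm" | grep -Fxq -- "$item" || {
                echo "runtime-only ($opt): $item"
                drift=1
            }
        done
        # Present in permanent only: not active until --reload.
        for item in $perm; do
            printf '%s\n' "$run" | grep -Fxq -- "$item" || {
                echo "permanent-only ($opt): $item"
                drift=1
            }
        done
    done
    return "$drift"
}
```

Call it as `fw_drift public` (as root) before a planned restart or after a change window; a non-zero exit status means the two configurations differ.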
See Also
- Iptables — a program used to configure and manage the kernel's netfilter modules.
- nftables — the successor to iptables.
- ufw — the uncomplicated firewall