mirror of
https://pagure.io/fedora-docs/quick-docs.git
synced 2024-11-25 13:44:51 +00:00
23 lines
1.7 KiB
Text
23 lines
1.7 KiB
Text
|
// Module included in the following assemblies:
|
||
|
//
|
||
|
// firewalld.adoc
|
||
|
|
||
|
[id='concept-firewalld-fedora']
|
||
|
= Using firewalld
|
||
|
|
||
|
== What is firewalld?
|
||
|
|
||
|
A _firewall_ is a way to protect machines from any unwanted traffic from outside. It enables users to control incoming network traffic on host machines by defining a set of _firewall rules_. These rules are used to sort the incoming traffic and either block it or allow through.
|
||
|
|
||
|
`firewalld` is a firewall service daemon that provides a dynamic customizable host-based firewall with a `D-Bus` interface. Being dynamic, it enables creating, changing, and deleting the rules without the necessity to restart the firewall daemon each time the rules are changed.
|
||
|
|
||
|
`firewalld` uses the concepts of _zones_ and _services_, that simplify the traffic management.
|
||
|
|
||
|
`_Zones_` are predefined sets of rules. Network interfaces and sources can be assigned to a zone. The traffic allowed depends on the network your computer is connected to and the security level this network is assigned. Firewall services are predefined rules that cover all necessary settings to allow incoming traffic for a specific service and they apply within a zone.
|
||
|
|
||
|
`_Services_` use one or more ports or addresses for network communication. Firewalls filter communication based on ports. To allow network traffic for a service, its ports must be open. `firewalld` blocks all traffic on ports that are not explicitly set as open. Some zones, such as trusted, allow all traffic by default.
|
||
|
|
||
|
.Additional resources
|
||
|
|
||
|
For more information about using firewalld and configuring zones and services, see link:https://firewalld.org/documentation/[firewalld documentation] or link:https://fedoraproject.org/wiki/Firewalld[Fedora wiki:firewalld]
|