Welcome to the firewalld project homepage!
Firewalld provides a dynamically managed firewall with support for network/firewall zones that defines the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings, ethernet bridges and IP sets. There is a separation of runtime and permanent configuration options. It also provides an interface for services or applications to add firewall rules directly.
- D-Bus API
- Timed firewall rules
- Rich Language for specific firewall rules
- IPv4 and IPv6 NAT support
- Firewall zones
- IP set support
- Simple log of denied packets
- Direct interface
- Lockdown: Whitelisting of applications that may modify the firewall
- Support for iptables, ip6tables, ebtables and ipset firewall backends
- Automatic loading of Linux kernel modules
- Integration with Puppet
Who’s using it?
firewalld is used in the following Linux distributions as the default firewall management tool:
- RHEL 7
- Fedora 18 and newer
- Available for many other distributions
Applications and libraries which support firewalld as a firewall management tool include: