Dynamically managed firewall with support for network zones and CLI and graphical configuration tools
firewalld provides support for network or firewall zones to define the trust level of network connections or interfaces.
It has support for IPv4, IPv6 firewall settings and for ethernet bridges and a separation of runtime and permanent configuration options. It also provides an interface for services or applications to add ip*tables and ebtables rules directly.
Changes can be done immediately in the runtime environment. No restart of the service or daemon is needed.
With the firewalld D-Bus interface it is simple for services, applications and also users to adapt firewall settings. The interface is complete and is used for the firewall configuration tools firewall-cmd, firewall-config and firewall-applet.
The separation of the runtime and permanent configuration makes it possible to do evaulation and tests in runtime. The runtime configuration is only valid up to the next service reload and restart or to a system reboot. Then the permanent configuration will be loaded again. With the runtime environment it is possible to use runtime for settings that should only be active for a limited amount of time. If the runtime configuration has been used for evaluation, and it is complete and working, then it is possible to save this configuration to the permanent environment.
Development: https:/
Documentation: https:/
Project information
- Maintainer:
- Registry Administrators
- Driver:
- Not yet selected
- Licence:
- GNU GPL v2
View full history Series and milestones
trunk series is the current focus of development.
All packages Packages in Distributions
-
firewalld source package in Noble
Version 2.1.1-1 uploaded -
firewalld source package in Mantic
Version 1.3.3-1 uploaded -
firewalld source package in Lunar
Version 1.3.0-1 uploaded -
firewalld source package in Jammy
Version 1.1.1-1ubuntu1 uploaded