Introduction to firewalld

Starting with Red Hat Enterprise Linux 7, firewalld is the default firewall. The iptables-based firewall is no longer started by default, but it is still retained.
The dynamic firewall daemon firewalld provides a dynamically managed firewall with support for network “zones” to assign a level of trust to a network and its associated connections and interfaces. It has support for IPv4 and IPv6 firewall settings. It supports Ethernet bridges and has a separation of runtime and permanent configuration options. It also has an interface for services or applications to add firewall rules directly.

The configuration for firewalld is stored in various XML files in /usr/lib/firewalld/ and /etc/firewalld/. This allows a great deal of flexibility as the files can be edited, written to, backed up, used as templates for other installations and so on.

Other applications can communicate with firewalld using D-bus.
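As an added example (not from the referenced Red Hat guide or from firewalld itself), the following Python sketch audits the permanent configuration held in the XML files described above. It assumes the standard `zones/` subdirectories and that a zone file in /etc/firewalld/ replaces the same-named default in /usr/lib/firewalld/; the sample zone files and function names are constructed for illustration.

```python
import os
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample zone files: two shipped defaults and one admin override.
SAMPLES = {
    "usr/public.xml": '<zone><short>Public</short><service name="ssh"/>'
                      '<service name="dhcpv6-client"/></zone>',
    "usr/dmz.xml": '<zone><short>DMZ</short><service name="ssh"/></zone>',
    "etc/public.xml": '<zone><short>Public</short><service name="ssh"/>'
                      '<port protocol="tcp" port="8080"/></zone>',
}

def effective_zone_files(default_dir, custom_dir):
    """Map zone name -> file path; custom_dir wins over default_dir."""
    chosen = {}
    for directory in (default_dir, custom_dir):  # later directory overrides
        if not os.path.isdir(directory):
            continue
        for name in sorted(os.listdir(directory)):
            if name.endswith(".xml"):
                chosen[name[:-4]] = os.path.join(directory, name)
    return chosen

def parse_zone(path):
    """Return the services and ports a zone file allows."""
    root = ET.parse(path).getroot()
    return {
        "services": sorted(s.get("name") for s in root.findall("service")),
        "ports": sorted(f'{p.get("port")}/{p.get("protocol")}'
                        for p in root.findall("port")),
    }

def audit(default_dir="/usr/lib/firewalld/zones",
          custom_dir="/etc/firewalld/zones"):
    """Summarise what each zone permits in the permanent configuration."""
    files = effective_zone_files(default_dir, custom_dir)
    return {zone: parse_zone(path) for zone, path in files.items()}

def demo():
    """Run the audit against the constructed samples in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel, xml in SAMPLES.items():
            path = os.path.join(tmp, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as handle:
                handle.write(xml)
        return audit(os.path.join(tmp, "usr"), os.path.join(tmp, "etc"))

if __name__ == "__main__":
    for zone, allowed in demo().items():
        print(zone, allowed)
```

This reads only the permanent configuration on disk; the runtime configuration can differ until firewalld is reloaded.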

Reference: 4.5. USING FIREWALLS
