With zones, a lot of complex firewall rules can be easily configured on the system by activating as many zones as are needed to suit a firewall need. Zones can be created by a user, but there are already predefined zones on the system that are suitable for a lot of purposes. So, an admin can either create their own zone(s) or choose to use one of the predefined zones on the system. The predefined zone(s) can be configured to suit a firewall need.

The predefined zones can be seen on the system by using the command:

```
~]# firewall-cmd --get-zones
block dmz drop external home internal libvirt public trusted work
```

On my system, RHEL 8, there are ten predefined zones by default, as seen in the output of the command above. So whatever network traffic must be allowed on the system must be configured on the active zone(s).

The predefined zones are located in /usr/lib/firewalld/zones. If you change directory to this location and run ls, you will see all the configuration files associated with these zones.

```
~]# cd /usr/lib/firewalld/zones
zones]# ls
block.xml  drop.xml  home.xml  libvirt.xml  trusted.xml
dmz.xml  external.xml  internal.xml  public.xml  work.xml
```

A firewalld service, in this context, is a technique firewalld uses to define a firewall rule. The combination of ports, protocols, and sometimes IPv4 and IPv6 destination entries makes a service. This service can then be attached to a zone. Just as there are predefined zones, there are also predefined services. So, an administrator can choose to create their own service(s) or make do with the predefined ones. The predefined services can be seen on a Linux system by using the command:

```
~]# firewall-cmd --get-services
```
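To see what attaching services to a zone actually opens, the following added example (not part of the original article) expands a zone definition into its concrete port and protocol openings. The XML strings are constructed samples in firewalld's zone and service file layout, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample definitions in firewalld's XML layout (not copied from a real host).
SERVICES = {
    "ssh": '<service><short>SSH</short><port protocol="tcp" port="22"/></service>',
    "mdns": '<service><short>mDNS</short><port protocol="udp" port="5353"/>'
            '<destination ipv4="224.0.0.251" ipv6="ff02::fb"/></service>',
}
ZONE = ('<zone><short>Public</short><service name="ssh"/><service name="mdns"/>'
        '<service name="cockpit"/><port protocol="tcp" port="8443"/></zone>')


def parse_service(xml_text):
    """Return (ports, destinations) for one service definition."""
    root = ET.fromstring(xml_text)
    ports = [(p.get("port"), p.get("protocol")) for p in root.findall("port")]
    dest = root.find("destination")
    destinations = dict(dest.attrib) if dest is not None else {}
    return ports, destinations


def effective_rules(zone_xml, services):
    """Expand a zone into the concrete openings it allows.

    Returns (rules, unresolved): rules are (port, protocol, origin, destinations)
    tuples; unresolved lists services the zone names but that have no definition.
    """
    root = ET.fromstring(zone_xml)
    rules, unresolved = [], []
    for svc in root.findall("service"):
        name = svc.get("name")
        if name not in services:
            unresolved.append(name)
            continue
        ports, destinations = parse_service(services[name])
        rules += [(port, proto, f"service:{name}", destinations) for port, proto in ports]
    # Ports opened directly on the zone bypass any service definition.
    rules += [(p.get("port"), p.get("protocol"), "zone-port", {}) for p in root.findall("port")]
    return rules, unresolved


if __name__ == "__main__":
    rules, unresolved = effective_rules(ZONE, SERVICES)
    for port, proto, origin, destinations in rules:
        print(f"{port}/{proto:<4} {origin:<14} {destinations or 'any destination'}")
    print("unresolved services:", unresolved)
```

On a real host the same functions can be fed the contents of the XML files under /usr/lib/firewalld/zones to review what each zone exposes before it is made active.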
The zone concept in firewalld has made firewall management, as well as traffic management, easy compared to iptables.
A zone is a firewall feature on which a set of firewall rules is configured.