Scroll to navigation

FIREWALLD.POLICY-(5) Firewalld Policy Sets FIREWALLD.POLICY-(5)

NAME

firewalld.policy-sets - Policy Sets

DESCRIPTION

What Are Policy Sets?

Policy sets are collections of policies that serve as starting configuration for specific use cases, e.g. a home router. They provide an easy way to get started. Users may then fine tune the configuration for their environment. Every policy set has a dedicated man page to explain its use case.

All policy sets shipped by firewalld are administratively disabled by default. Using them is a matter of adding your interfaces to zones and removing the disable.

Enabling a Policy Set

Below is a complete example for using the gateway policy set. In this example: eth0 is the LAN interface, and eth1 is the uplink to the internet.

	      # firewall-cmd --permanent --zone internal eth0
	      # firewall-cmd --permanent --zone external eth1
	      # firewall-cmd --permanent --policy-set gateway --remove-disable
	      # firewall-cmd --reload

Enabling Multiple Policy Sets

Policy sets are guaranteed to interoperate. Multiple policy sets may be enabled simultaneously.

Existing Policy Sets

gateway

Provides basic functionality for a gateway, e.g. a home router. See firewalld.policy-set-gateway(5).

SEE ALSO

firewall-applet(1), firewalld(1), firewall-cmd(1), firewall-config(1), firewalld.conf(5), firewalld.direct(5), firewalld.dbus(5), firewalld.icmptype(5), firewall-offline-cmd(1), firewalld.richlanguage(5), firewalld.service(5), firewalld.zone(5), firewalld.zones(5), firewalld.policy(5), firewalld.policies(5), firewalld.ipset(5), firewalld.helper(5)

NOTES

firewalld home page:

http://firewalld.org

AUTHORS

Thomas Woerner <twoerner@redhat.com>

Developer

Jiri Popelka <jpopelka@redhat.com>

Developer

Eric Garver <eric@garver.life>

Developer
firewalld 2.4.0