Firewalld - Target (Rich Rule Action)


A target is the action taken if the configuration options match an IP packet.

It's used:

  • as the last word in a rich rule
  • as the default action in a zone.

It's an iptables concept.


| Name    | Rejection | Description |
|---------|-----------|-------------|
| default |           | Hardcoded value that is basically the same as REJECT (may eventually fall back to the INPUT chain) |
| ACCEPT  |           | Accept all incoming packets except those disabled by a specific rule |
| REJECT  | Yes       | Reject all incoming packets except those accepted by a specific rule |
| DROP    | No        | Same as reject |
| mark    | ?         | ? |
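
Both uses of a target can be read back from a zone definition. The following is an added example, not code from the original page or from the firewalld project: it parses a constructed zone file and reports the zone-level target and the action of each rich rule. It assumes the XML layout described in firewalld.zone(5), where the zone target is the target attribute (REJECT is written %%REJECT%%) and a rich rule's action is an accept, reject, drop or mark child element; the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the zone file format of firewalld.zone(5); addresses are documentation ranges.
SAMPLE_ZONE = """<zone target="DROP">
  <short>Example</short>
  <service name="ssh"/>
  <rule family="ipv4">
    <source address="192.0.2.0/24"/>
    <port port="8443" protocol="tcp"/>
    <accept/>
  </rule>
  <rule family="ipv4">
    <source address="198.51.100.7"/>
    <reject/>
  </rule>
</zone>"""

RULE_ACTIONS = ("accept", "reject", "drop", "mark")

def zone_target(root):
    """Zone-level target; 'default' applies when the attribute is absent."""
    # Zone files spell REJECT as %%REJECT%%.
    return root.get("target", "default").strip("%")

def rule_actions(root):
    """Return (source address, action) for each rich rule in the zone."""
    out = []
    for rule in root.findall("rule"):
        src = rule.find("source")
        addr = src.get("address") if src is not None else None
        action = next((c.tag for c in rule if c.tag in RULE_ACTIONS), None)
        out.append((addr, action))
    return out

def audit(xml_text):
    """Report the zone target, each rule's action, and review findings."""
    root = ET.fromstring(xml_text)
    target, rules = zone_target(root), rule_actions(root)
    findings = []
    if target == "ACCEPT":
        findings.append("zone target is ACCEPT: packets not matched by a rule are accepted")
    findings += [f"rule for source {a} has no action element" for a, act in rules if act is None]
    return {"target": target, "rules": rules, "findings": findings}

if __name__ == "__main__":
    print(audit(SAMPLE_ZONE))
```
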
