Firewalld - Configuration

About

This page is about the configuration of firewalld

Directories

Configurations are stored in files located in 2 directories: ¹⁾:

The directory /usr/lib/firewalld that contains the default and fallback configuration (standard)
The directory /etc/firewalld that contains the system or user configuration (modified)

Runtime vs Permanent

By default, all configurations created with the command line or GUI are not permanent. They are lost when the host reboots. When you have tested your rule, you need to switch them to permanent and recreate them with the –permanent option

List of permanent services

firewall-cmd --zone=public --permanent --list-services

Make runtime to permanent

firewall-cmd --runtime-to-permanent

Enable for a period of time

You can enable an option for a time interval.

Example: Enable a service in a zone for 30 seconds

firewall-cmd [--zone=<zone>] --add-service=<service> --timeout=30

Check

firewall-offline-cmd --check-config

¹⁾

https://firewalld.org/documentation/configuration/directories.html