Firewalld - Network Interface

About

This page is about networks interface configuration in firewalld.

An interface may be assigned / bind to zero or one zone.

Command

Get zone of interface

firewall-cmd --get-zone-of-interface=<interface>

Example: 

firewall-cmd --get-zone-of-interface=eth0

public

List interfaces that are bound to a zone

List interfaces that are bound to a zone 

firewall-cmd   --list-interfaces

Bind interface to zone

firewall-cmd --change-interface=<interface>

Example: 

firewall-cmd --change-interface=eth0 --zone=work

work

By default, the zone for the interface was public but it's no more the case, it has moved. 

firewall-cmd --get-zone-of-interface=eth0

work

Check if an interface is in a zone

firewall-cmd --query-interface=eth0 --zone=work

yes


firewall-cmd --query-interface=eth0 --zone=public

no

Remove the binding to a zone

Remove binding of interface from a zone 

firewall-cmd --remove-interface=<interface> --zone=<zone>

Example: 

firewall-cmd --remove-interface=eth0 --zone=work

success




Discover More
Firewalld - Zone

A zone is a grouping of rule configurations known as zone option. A firewall zone is defined for: a connection, an interface or source address binding (range of source addresses) This is a one-to-many...



Share this page:
Follow us:
Task Runner