
Firewalld

Firewalld provides a dynamically managed firewall with support for network/firewall zones that define the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings, ethernet bridges and IP sets.


Cost / License

  • Free
  • Open Source

Platforms

  • Linux

Features

  1.  Firewall

 Tags

  • Linux
  • nftables
  • ipset
  • iptables

Firewalld information

  • Developed by

    firewalld
  • Licensing

    Open Source (GPL-2.0) and Free product.
  • Written in

  • Alternatives

    24 alternatives listed
  • Supported Languages

    • English

AlternativeTo Category

Security & Privacy

GitHub repository

  •  988 Stars
  •  289 Forks
  •  278 Open Issues
Firewalld was added to AlternativeTo by CIAvash on and this page was last updated .

What is Firewalld?

Firewalld provides a dynamically managed firewall with support for network/firewall zones that define the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings, ethernet bridges and IP sets. There is a separation of runtime and permanent configuration options. It also provides an interface for services or applications to add firewall rules directly.

Benefits of using firewalld

Changes can be done immediately in the runtime environment. No restart of the service or daemon is needed.

With the firewalld D-Bus interface it is simple for services, applications and also users to adapt firewall settings. The interface is complete and is used for the firewall configuration tools firewall-cmd, firewall-config and firewall-applet.

The separation of the runtime and permanent configuration makes it possible to do evaluation and tests in runtime. The runtime configuration is only valid up to the next service reload and restart or to a system reboot. Then the permanent configuration will be loaded again. With the runtime environment it is possible to use runtime for settings that should only be active for a limited amount of time. If the runtime configuration has been used for evaluation, and it is complete and working, then it is possible to save this configuration to the permanent environment.

Features

  • Complete D-Bus API
  • IPv4, IPv6, bridge and ipset support
  • IPv4 and IPv6 NAT support
  • Firewall zones
  • Predefined list of zones, services and icmptypes
  • Simple service, port, protocol, source port, masquerading, port forwarding, icmp filter, rich rule, interface and source address handling in zones
  • Simple service definition with ports, protocols, source ports, modules (netfilter helpers) and destination address handling
  • Rich Language for more flexible and complex rules in zones
  • Timed firewall rules in zones
  • Simple log of denied packets
  • Direct interface
  • Lockdown: Whitelisting of applications that may modify the firewall
  • Automatic loading of Linux kernel modules
  • Integration with Puppet
  • Command line clients for online and offline configuration
  • Graphical configuration tool using gtk3
  • Applet using Qt5

Who is using it?

firewalld is used in the following Linux distributions as the default firewall management tool:

  • RHEL 7 and newer
  • CentOS 7 and newer
  • Fedora 18 and newer
  • SUSE 15 and newer
  • OpenSUSE 15 and newer
  • Available for several other distributions

Applications and libraries which support firewalld as a firewall management tool include:

  • NetworkManager
  • libvirt
  • podman
  • docker (iptables backend only)
  • fail2ban
