firewalld.policy-sets

Name

firewalld.policy-sets — Policy Sets

Description

What Are Policy Sets?

Policy sets are collections of policies that serve as a starting configuration for specific use cases, e.g. a home router. They provide an easy way to get started. Users may then fine-tune the configuration for their environment. Every policy set has a dedicated man page that explains its use case.
All policy sets shipped by firewalld are administratively disabled by default. Using them is a matter of adding your interfaces to zones and removing the disable.

Enabling a Policy Set

Below is a complete example for using the gateway policy set. In this example: eth0 is the LAN interface, and eth1 is the uplink to the internet.
    # firewall-cmd --permanent --zone internal --add-interface=eth0
    # firewall-cmd --permanent --zone external --add-interface=eth1
    # firewall-cmd --permanent --policy-set gateway --remove-disable
    # firewall-cmd --reload
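
An added example, not part of the firewalld documentation: after the reload, a shell check that the runtime zone bindings match the layout described above (eth0 in internal, eth1 in external). It parses the output of `firewall-cmd --get-active-zones`; the function names and the sample output are constructed for illustration.

```sh
#!/bin/sh
# Added example: confirm runtime zone bindings for the gateway layout.

# zone_of_iface IFACE: reads `firewall-cmd --get-active-zones` output on
# stdin and prints the zone that lists IFACE under "interfaces:".
zone_of_iface() {
    awk -v want="$1" '
        /^[^ \t]/ { zone = $1; next }      # unindented line starts a zone
        $1 == "interfaces:" {
            for (i = 2; i <= NF; i++)
                if ($i == want) { print zone; exit }
        }'
}

# check_gateway_bindings LAN_IF WAN_IF: reads the same output on stdin and
# succeeds only if LAN_IF is in "internal" and WAN_IF is in "external".
check_gateway_bindings() {
    zones=$(cat)
    lan_zone=$(printf '%s\n' "$zones" | zone_of_iface "$1")
    wan_zone=$(printf '%s\n' "$zones" | zone_of_iface "$2")
    rc=0
    if [ "$lan_zone" != "internal" ]; then
        echo "LAN interface $1 is in zone '${lan_zone:-none}', expected internal" >&2
        rc=1
    fi
    if [ "$wan_zone" != "external" ]; then
        echo "uplink $2 is in zone '${wan_zone:-none}', expected external" >&2
        rc=1
    fi
    return $rc
}

# Constructed sample of `firewall-cmd --get-active-zones` output.
SAMPLE_OK='internal
  interfaces: eth0
external
  interfaces: eth1'

# On a live system:
#   firewall-cmd --get-active-zones | check_gateway_bindings eth0 eth1
```

A non-zero exit status means an interface is missing from its zone or bound to the wrong one, which would apply the gateway policies to the wrong side of the router.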

Enabling Multiple Policy Sets

Policy sets are guaranteed to interoperate. Multiple policy sets may be enabled simultaneously.

Existing Policy Sets

gateway

Provides basic functionality for a gateway, e.g. a home router. See firewalld.policy-set-gateway(5).

Notes

firewalld home page:

http://firewalld.org