In RHEL 7, a new firewall solution called Firewalld was introduced. The iptables service is no longer offered in RHEL 8.
Firewalld is a dynamic firewall manager that uses the iptables command to configure netfilter directly, and serves as an improved alternative to the iptables service.
Firewalld Default Zones
- drop: All incoming packets are dropped and there is no reply
- block: Reject incoming traffic
- public: Represents public, untrusted networks. You don’t trust other computers but may allow selected incoming connections on a case-by-case basis. This is the default zone for all newly created network interfaces.
- external: External networks in the event that you are using the firewall as your gateway. It is configured for NAT masquerading so that your internal network remains private but reachable.
- internal: The other side of the external zone, used for the internal network. Computers on the same network are trusted, and only selected incoming connections are accepted.
- dmz: Used for a DMZ. Only selected incoming connections are allowed.
- work: Used for work machines. Most computers on the same network are trusted, and only selected incoming connections are accepted.
- home: A home environment. It generally implies that you trust most of the other computers and that a few more services will be accepted.
- trusted: All network connections are accepted.
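
Because the trusted zone accepts every connection, it is worth checking which interfaces and source ranges are bound to it. The script below is an added example, not part of the original page: it parses the output of `firewall-cmd --get-active-zones` and lists every binding in a given zone. The function names are hypothetical and the sample output is constructed; the sample is used when firewalld is not running.

```shell
#!/bin/sh
# Added example: list interfaces and sources bound to a firewalld zone.
# Input format: the output of `firewall-cmd --get-active-zones`.

# Constructed sample output (not taken from a real host).
sample_active_zones() {
cat <<'EOF'
public
  interfaces: eth0
trusted
  interfaces: eth1 virbr0
  sources: 10.0.0.0/24
dmz
  interfaces: eth2
EOF
}

# Read active-zones output on stdin; print "zone kind value" for each
# interface or source bound to the zone named in $1.
bindings_in_zone() {
    awk -v want="$1" '
        /^[^ \t]/ { zone = $1; next }   # unindented line starts a new zone
        zone == want && ($1 == "interfaces:" || $1 == "sources:") {
            kind = $1; sub(/:$/, "", kind)
            for (i = 2; i <= NF; i++) print zone, kind, $i
        }'
}

# Use live data when firewalld is running, otherwise the constructed sample.
audit_trusted() {
    if command -v firewall-cmd >/dev/null 2>&1 &&
       firewall-cmd --state >/dev/null 2>&1; then
        firewall-cmd --get-active-zones
    else
        sample_active_zones
    fi | bindings_in_zone trusted
}

audit_trusted
```

Any line printed for the trusted zone is a path on which no filtering is applied, so each one should be a deliberate choice.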