Display Firewall Zone Properties

The firewalld management service filters all incoming interface traffic into one or more predefined zones. Each predefined zone has its own set of firewall rules for accepting or denying packets.

A default zone called public is automatically assigned to the host system during the installation of Oracle Linux. Where a host system is configured as a multi-zoned system, other predefined zones are available to view in addition to the default public zone.

Using the Networking page in the web console, Cockpit administrators can view the firewall management rules associated with each zone.

What You Need

Steps

Using the Cockpit web console, follow these steps to review the host system's current zone information:

  1. In the Cockpit navigation pane, click Networking. The Networking page appears.
  2. In the Networking page, find the Firewall panel and do one of the following to view the predefined zone information:
    • Click the zone link appearing under the Firewall heading.

      Important:

      The name of the zone link indicates the number of active zones. A zone is only active if it has at least one interface or source assigned.
    • Click Edit rules and zones in the Firewall panel.

      Note:

      For information on how to edit the firewall management rules associated with a predefined zone, see Control Access to Zone Services.
    Information about each predefined zone appears in tables, for example:
    • Firewalld predefined zone name. The name of the predefined zone appears. For example: Public, External, DMZ, Work, Home, or Internal.
    • Interfaces and source addresses. The names of the interfaces and source addresses that are allowed access through the predefined zone appear.

      Important:

      Firewalld doesn't automatically pair the interface source IP address ranges to the default public zone. It does, however, automatically pair all the interface names to the default public zone. Interface names are the host names for the physical and virtual network interfaces that are configured on the system.
    • Services and ports. The names of the access-allowed services and ports associated with the predefined zone appear.
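
The same zone table can be cross-checked from a terminal. The following is an added example, not part of the original procedure: the helper names zone_table and sample_zones are hypothetical, and the sample input is constructed to resemble firewall-cmd --list-all-zones output. A zone is marked active using the rule stated above (at least one interface or source assigned).

```shell
#!/bin/sh
# Summarise `firewall-cmd --list-all-zones` output, read from stdin, as
# zone|active|interfaces|sources|services|ports (one line per zone).
zone_table() {
    awk '
    function dash(s) { return s == "" ? "-" : s }
    function val(line) { sub(/^[^:]*:[ \t]*/, "", line); sub(/[ \t]+$/, "", line); return line }
    function flush() {
        if (zone == "") return
        # Active means at least one interface or source is assigned.
        active = (ifaces != "" || srcs != "") ? "yes" : "no"
        printf "%s|%s|%s|%s|%s|%s\n", zone, active, dash(ifaces), dash(srcs), dash(svcs), dash(ports)
    }
    # A non-indented line starts a new zone, e.g. "public (active)".
    /^[^ \t]/            { flush(); zone = $1; ifaces = srcs = svcs = ports = ""; next }
    /^[ \t]+interfaces:/ { ifaces = val($0); next }
    /^[ \t]+sources:/    { srcs = val($0); next }
    /^[ \t]+services:/   { svcs = val($0); next }
    /^[ \t]+ports:/      { ports = val($0); next }   # not forward-ports or source-ports
    END { flush() }
    '
}

# Constructed sample input (not captured from a real host).
sample_zones() {
    cat <<'EOF'
dmz
  target: default
  interfaces:
  sources:
  services: ssh
  ports:

public (active)
  target: default
  interfaces: enp0s3
  sources:
  services: cockpit dhcpv6-client ssh
  ports:
  forward-ports:
  source-ports:

work (active)
  target: default
  interfaces:
  sources: 192.0.2.0/24
  services: ssh
  ports: 8443/tcp
EOF
}

sample_zones | zone_table
```

On a live host, run firewall-cmd --list-all-zones | zone_table with sufficient privileges and compare the result with the tables shown in Cockpit.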