In the realm of Linux system administration, managing network traffic is a critical task, and firewalld is a powerful tool that simplifies this process. One of the key aspects of using firewalld is understanding and manipulating its rules. This article delves into the intricacies of listing and managing firewalld rules on Linux systems.

Firewalld is a dynamic, managed firewall service that uses iptables or nftables as its backend. It provides a user-friendly interface for managing firewall rules and supports both IPv4 and IPv6 protocols. Before we dive into listing rules, let's ensure you have firewalld installed and running on your Linux system.

Understanding Firewalld Rules
Firewalld rules are defined in a specific format, consisting of several components: zone, source, port, protocol, and target. Understanding these components is crucial for managing rules effectively.

Zones are used to group rules based on the trust level of the network interface. Common zones include 'home', 'work', 'public', and 'trusted'. Sources define the IP addresses or networks that the rule applies to. Ports specify the network ports that the rule affects. Protocols can be 'tcp', 'udp', or 'any', and the target defines the action to take when a packet matches the rule (e.g., 'accept', 'reject', or 'drop').
Listing Firewalld Rules

To list all active firewalld rules, use the following command in your terminal:
firewall-cmd --list-all
This command will display a list of all rules, grouped by their respective zones. You can also list rules for a specific zone using the following command:
firewall-cmd --list-all-zones
To list rules for a specific zone, replace 'all' with the desired zone name:

firewall-cmd --list-all --zone=public
Listing Permanent Firewalld Rules
By default, firewalld rules are stored in memory and are not persistent across reboots. To list permanent rules that will survive system restarts, use the following command:
firewall-cmd --list-permanent
To list permanent rules for a specific zone, append the zone name to the command:

firewall-cmd --list-permanent --zone=public
Manipulating Firewalld Rules
Now that we've covered listing rules, let's explore how to add, remove, and modify rules using firewalld.




















To add a new rule, use the following command template, replacing the placeholders with your desired values:
firewall-cmd --permanent --zone=ZONE --add-RULE
For example, to add a rule that accepts incoming SSH connections from the 'trusted' zone, use the following command:
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" port protocol="tcp" port="22" accept
Removing Firewalld Rules
To remove a rule, use the following command template, replacing 'RULE' with the rule you want to delete:
firewall-cmd --permanent --zone=ZONE --remove-RULE
For example, to remove the previously added SSH rule, use the following command:
firewall-cmd --permanent --zone=public --remove-rich-rule='rule family="ipv4" source address="192.168.1.0/24" port protocol="tcp" port="22" accept
Reloading Firewalld
After adding or removing rules, you must reload firewalld for the changes to take effect:
firewall-cmd --reload
Alternatively, you can use the '--permanent' flag to apply changes immediately and make them persistent across reboots:
firewall-cmd --permanent --reload
In conclusion, mastering firewalld rules is essential for securing your Linux system and managing network traffic effectively. By understanding how to list, add, remove, and modify rules, you'll be well-equipped to protect your system and optimize its performance. Keep exploring the vast world of Linux administration to unlock its full potential.