
I'm using firewalld instead of iptables. I'm using the public zone. I don't want to accept any incoming requests, rejecting them with ICMP.

So what does that mean? Why do I always see accepted from anywhere?

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
INPUT_direct  all  --  anywhere             anywhere
INPUT_ZONES_SOURCE  all  --  anywhere             anywhere
INPUT_ZONES  all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere             ctstate INVALID
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
Stranger B.

1 Answer


You use firewalld instead of manually configuring iptables rules, maybe. In the end, firewalld applies iptables rules. The last rule in iptables is rejecting all the traffic.

The default policy of your INPUT chain is allow. Then you accept connections with state RELATED, ESTABLISHED etc. Then you drop connections with state INVALID. Then you reject everything. If you have no accept rules at all then no traffic will go to or from your Linux box.

Bogdan Stoica
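
An added example (not part of the original question or answer): a first-match walk over the INPUT chain from the question, showing which rule decides a given packet. It assumes the bare `ACCEPT all -- anywhere anywhere` line is firewalld's usual loopback rule (`-i lo`), whose interface column `iptables -L` prints only with `-v`; the rule text, the `eth0` name and the empty zone chains are constructed.

```python
import shlex

# Constructed `iptables -S INPUT` text mirroring the chain in the question.
# Assumption: the bare ACCEPT is firewalld's loopback rule (-i lo).
RULES_S = """\
-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j INPUT_direct
-A INPUT -j INPUT_ZONES_SOURCE
-A INPUT -j INPUT_ZONES
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def parse(text):
    """Parse iptables -S style lines into (default_policy, rules)."""
    policy, rules = None, []
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[:1] == ["-P"]:
            policy = tok[2]
        elif tok[:1] == ["-A"]:
            # Every option used in this sample takes exactly one argument.
            opts = dict(zip(tok[2::2], tok[3::2]))
            states = opts.get("--ctstate")
            rules.append({
                "iface": opts.get("-i"),
                "states": set(states.split(",")) if states else None,
                "target": opts["-j"],
                "raw": line,
            })
    return policy, rules

def verdict(iface, ctstate, text=RULES_S):
    """Return (target, deciding rule); the first terminal match wins."""
    policy, rules = parse(text)
    for r in rules:
        if r["iface"] and r["iface"] != iface:
            continue
        if r["states"] and ctstate not in r["states"]:
            continue
        if r["target"] in TERMINAL:
            return r["target"], r["raw"]
        # Jump into a firewalld sub-chain: modelled as empty (assumption),
        # so evaluation returns to INPUT and continues with the next rule.
    return policy, "-P INPUT " + policy
```

On the real host, `iptables -L INPUT -v -n` or `iptables -S INPUT` shows the interface match that the plain `-L` listing leaves out.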