{"description": "The dynamic firewall daemon <tt>firewalld</tt> provides a\ndynamically managed firewall with support for network &#8220;zones&#8221; to assign\na level of trust to a network and its associated connections and interfaces.\nIt has support for IPv4 and IPv6 firewall settings. It supports Ethernet\nbridges and has a separation of runtime and permanent configuration options.\nIt also has an interface for services or applications to add firewall rules\ndirectly.\n<br />\nA graphical configuration tool, <tt>firewall-config</tt>, is used to configure\n<tt>firewalld</tt>, which in turn uses <tt>iptables</tt> tool to communicate\nwith <tt>Netfilter</tt> in the kernel which implements packet filtering.\n<br />\nThe firewall service provided by <tt>firewalld</tt> is dynamic rather than\nstatic because changes to the configuration can be made at anytime and are\nimmediately implemented. There is no need to save or apply the changes. No\nunintended disruption of existing network connections occurs as no part of\nthe firewall has to be reloaded.", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": ["firewalld_activation", "firewalld_deactivation", "ruleset_modifications"], "rules": ["firewalld-backend", "set_firewalld_appropriate_zone", "unnecessary_firewalld_services_ports_disabled"], "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "title": "firewalld", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/network/network-firewalld/group.yml"}