On Mon, 2019-09-02 at 10:53 +0200, Freek de Kruijf wrote:
I found a comprehensive article about firewalld on this web page:
https://www.linuxjournal.com/content/understanding-firewalld-multi-zone-conf...
I'm not sure if I'd call it "comprehensive", but it's a well-written introduction. And I liked this: "Firewalld is an under-documented firewall configuration tool with more potential than many people realize". I wouldn't concur that the author's statement that the concept of zones is truly "innovative". SuSEfirewall2 had a very similar concept. To me, the innovative part is mostly that you can easily change the rule set without a full firewall service reload.
I finally decided to have two zones, internal and external.
Don't take it personally, but it seems to me that yours is a rather basic setup :-) Best regards, Martin