Zones

The Zones view lets you can configure firewall zones to group your firewall rules.

At the top of the page is a list of selectable zones.

By default this list contains the LAN and WAN zones, which contain default settings for local and Internet traffic.

When a particular interface is selected, details about it is shown in the configuration section.

Zone configuration

Item Description
Name Identifier for the zone.
Default policy Default behavior for various traffic.
Masquerading Enable firewall masquerading.
MSS Clamping MSS Clamping limit.
Allow forward to destination zones Check zones to permit forwarding.
Allow forward from source zones Check zones to permit forwarding.
Zone members Interfaces that are part of the zone.

Default Policy

The default policy setting defines firewall rules that apply unless specific rules override them.

Item Description
Input Incoming traffic from WAN.
Output Outgoing traffic to WAN.
Forward Traffic from LAN to WAN.

The different default policy values determine the firewall behavior, through the firewall actions:

Firewall Action

The firewall action defines how traffic is handled by the firewall.

Item Description
ACCEPT Allow the traffic.
REJECT Refuse the traffic.
DROP Ignore the traffic.
FORWARD Pass the traffic along.

Add Firewall Zone

To add a firewall zone:

Once the zone has been created, you can use it with your connections.

Add Zone Members

If you have networks/devices set up, you can add them to the zone.

To add a device as a zone member:

The Select network device dialog opens.