About

This page is about the source definition ¹⁾ of traffic in a firewalld zone.

The source value can be seen in the zone options

Is an optional empty-element tag and can be used several times.

Usage

It's used to bind to a zone:

• a source address,
• address range in a CIDR format: 192.0.2.0/24,
• a MAC address
• or an ipset

Entry

A source entry has exactly one of these attributes:

• address=“address[/mask]” - The source is either an IP address or a network IP address with a mask for IPv4 or IPv6. The network family (IPv4/IPv6) will be automatically discovered. For IPv4, the mask can be a network mask or a plain number. For IPv6 the mask is a plain number. The use of host names is not supported.
• mac=“MAC” - The source is a MAC address. It must be of the form XX:XX:XX:XX:XX:XX.
• ipset=“ipset” The source is an ipset.

From the command line:

--add-source=ipset:ipsetName