On 28 Jan 2017 3:02 am, "TE Dukes" <tdukes at palmettoshopper.com> wrote: > -----Original Message----- > From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of Gordon > Messmer > Sent: Friday, January 27, 2017 9:23 PM > To: CentOS mailing list > Subject: Re: [CentOS] firewalld > > On 01/27/2017 06:01 PM, TE Dukes wrote: > > I telnet localhost 143, I get connection refused. > > > > What zone is used for the local network and what zone is used for > > outside access? > > All traffic from localhost is allowed. No zone is involved. > > The zone for "outside" access depends on which interface receives the > packet, and what zone you've put that interface in. I believe that defaults to > "public." I'm telneting in from ssh on a machine on the local network, still getting connection refused. The zone apparently means something because an interface can only be on one. Moving it to a different zone results in the same error (same services/ports opened in each zone). I may as well disable firewalld and let my router handle the firewall. I don't plan to use my server as a workstation. Have a read through this and then decide on if you want to use it or not. You can also switch to iptables-service and mask firewalld if you want the same behaviour as in C6. 7.3 also has nftables as a tech preview, but I've not finished my article on that yet.