The problem that you may encounter using interfaces assigned to your zones is that it does not differentiate between network addresses. Often, this is not an issue as only one network address is bound to the NIC; however, if you have more than one address bound to the NIC, you may want to implement the
firewalld source. Like interfaces, sources can be assigned to zones. In the following command, we will add a network range to the
trusted zone and another range, perhaps on the same NIC to the
# firewall-cmd --permanent --zone=trusted --add-source=192.168.1.0/24 # firewall-cmd --permanent --zone=public --add-source=172.17.0.0/16
Similar to interfaces, binding a source to a zone will activate that zone and will be listed ...