On 04.05.2023 16:18, Will Furnell - STFC UKRI wrote:
Is there a way to get firewalld to evaluate rules in multiple zones in a chain like
icinga -> public -> DENY?
No, that's not possible. Each packet is associated with one rule only
(technically rules are applied sequentially and the first matching rule
wins) and each zone is terminal - it gives final verdict.