Understanding firewall concepts in CentOS 7

Operating system security generally follows a defense-in-depth model, in which security is implemented at different layers of the system. Policies and procedures, physical controls, network perimeter security, host security, application security, and so on are each secured to harden the system as a whole. Within this model, a firewall helps secure the system, as well as its applications, by limiting access to the system. Firewall rules filter packets based on specific criteria, such as IP address, port, and protocol.

In Linux, firewall rules are managed by the network filtering subsystem available in the kernel and known as netfilter. The netfilter framework enables the system to inspect, modify, drop, or reject any incoming, outgoing, or forwarded network packet programmatically.

The iptables command is the most popular tool used to interact with netfilter and manage the firewall. The iptables command manages only the IPv4 rules in the firewall. For management of IPv6 rules, the ip6tables command is used, and for software bridges, the ebtables utility is used. However, managing the firewall with the iptables utility is not user friendly and requires a good understanding of both the firewall and the iptables command. Thus, to overcome the complexity of iptables and incorporate some advanced features, a new utility, firewalld, was designed.
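
Because iptables and ip6tables keep separate rule sets, a port blocked for IPv4 can remain reachable over IPv6. The following added example (not from the book) compares `iptables-save` and `ip6tables-save` style output and lists INPUT ports that are blocked only for IPv4. The sample rule sets and the function names `blocked_ports` and `ipv6_gaps` are constructed for illustration, and only rules with a single `--dport` match are handled.

```shell
#!/bin/sh
# Constructed sample rule sets in the text format printed by
# `iptables-save` (IPv4) and `ip6tables-save` (IPv6).
V4_RULES='*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j DROP
-A INPUT -p tcp -m tcp --dport 6379 -j REJECT --reject-with icmp-port-unreachable
COMMIT'

V6_RULES='*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j DROP
COMMIT'

# Read saved rules on stdin and print proto/port for every INPUT rule
# whose target is DROP or REJECT (simplification: single --dport only,
# source/interface matches and multiport are ignored).
blocked_ports() {
    awk '$1 == "-A" && $2 == "INPUT" {
        proto = ""; port = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p")      proto  = $(i + 1)
            if ($i == "--dport") port   = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
        }
        if (port != "" && (target == "DROP" || target == "REJECT"))
            print proto "/" port
    }' | sort -u
}

# $1 = IPv4 rules, $2 = IPv6 rules.
# Print ports blocked in the IPv4 rule set but not in the IPv6 one.
ipv6_gaps() {
    v6=$(printf '%s\n' "$2" | blocked_ports)
    printf '%s\n' "$1" | blocked_ports | while IFS= read -r entry; do
        printf '%s\n' "$v6" | grep -Fxq -- "$entry" || printf '%s\n' "$entry"
    done
}

ipv6_gaps "$V4_RULES" "$V6_RULES"
```

On a real host, the two arguments would be the output of `iptables-save` and `ip6tables-save`, both of which require root privileges.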
