From my reading and experiments it seems that I cannot block outgoing traffic for a particular zone or device.
I ask because I would like to connect to a VPN, then allow only ssh and DNS traffic to that VPN. Other traffi
I can do this using the direct interface, but the rules apply globally, not just to the zone.
This command will create a rule that disables all outgoing connections despite seeming to support the zone argument:

    firewall-cmd --zone=myvpn --direct --add-rule ipv4 filter OUTPUT 1 -j DROP
So if someone could please confirm that what I am asking is not possible.
Thanks
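
Added example, not part of the original post: direct rules take plain iptables arguments, so an `-o` interface match can confine them to one device where `--zone` has no effect. The interface name `tun0`, the `APPLY` variable and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: build firewall-cmd direct rules that limit outgoing IPv4
# traffic on ONE interface to SSH and DNS, leaving other devices untouched.
# Assumption: the VPN device is called tun0 (hypothetical; pass your own).

# vpn_egress_rules IFACE -> prints one firewall-cmd command per line.
vpn_egress_rules() {
    iface=$1
    # Refuse empty names and anything that is not a plain interface name.
    case $iface in
        ''|*[!A-Za-z0-9_.-]*)
            echo "invalid interface name: $iface" >&2
            return 1 ;;
    esac
    base="firewall-cmd --direct --add-rule ipv4 filter OUTPUT"
    # Priority 0 rules are placed ahead of the priority 1 DROP in the chain.
    echo "$base 0 -o $iface -p tcp --dport 22 -j ACCEPT"
    echo "$base 0 -o $iface -p udp --dport 53 -j ACCEPT"
    echo "$base 0 -o $iface -p tcp --dport 53 -j ACCEPT"
    # The -o match is what scopes the DROP; without it the rule is global,
    # which is the behaviour described in the post.
    echo "$base 1 -o $iface -j DROP"
}

# Dry run by default: prints the commands. Set APPLY=1 (as root) to run them.
apply_vpn_egress_rules() {
    rules=$(vpn_egress_rules "$1") || return 1
    printf '%s\n' "$rules" | while IFS= read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then
            $cmd   # intentionally unquoted: split into command and arguments
        else
            echo "$cmd"
        fi
    done
}

apply_vpn_egress_rules "${1:-tun0}"
```

These rules are runtime-only and cover IPv4; persistence needs `--permanent`, and IPv6 needs matching `ipv6` rules.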