I am not a professional firewall engineer; I just use it on Linux.
With this in mind, I have learned over the last 1+ years to list all of the zones, see how the zones are configured and so on.
The problem is I really need to understand the BASIC concepts of a firewalld firewall so that I can understand why I am doing what I am doing, not just the meaning of a --switch-option and what it does.
What happens if a zone is active, but there is no interface assigned? What is the worst that could happen?
If the sources for a zone are defined and there are also services or ports assigned to that active zone, does that mean only those sources can access those explicitly defined services and ports? That makes sense to me, but I am experiencing something else if that is truly the case.
How do I know when I should use which zone for whatever purpose?
I don’t really just want the answers to these questions but maybe a pointer to a great, no fantastic, reference explaining the basics of firewalld components and concepts. I want to be strong in this technology, not just aware.