There is no support for hit-counting and subsequent connection rejection per source IP; a common technique deployed to limit the impact of brute-force hacking and distributed denial-of-service attacks.

[8] firewalld's command syntax is similar to but more verbose than other iptables front-ends like Ubuntu's Uncomplicated Firewall (ufw).

[8] The command-line interface allows managing firewall rulesets for protocol, ports, source and destination; or predefined services by name.

Services are defined as XML files containing port- and protocol-mappings, and optionally extra information like specifying subnets and listing required Kernel helper modules.

firewall-applet was ported from the GTK+ to the Qt framework in the summer of 2015 following the GNOME Desktop’s deprecation of system tray icons.