AlkantarClanX12

Your IP : 18.222.20.30


Current Path : /usr/share/locale/zh_TW/LC_MESSAGES/
Upload File :
Current File : //usr/share/locale/zh_TW/LC_MESSAGES/firewalld.mo

���
-�"
�"�"�"q�#\R$"�$�%�%�%�%�%&	&&&+&	A&K&
\&	j&
t&�&�&�&
�&�&�&
�&�&
�&�&I�&{C'[�'�(b�(�)��)�^*EF+%�+�+�+	�+�+��+k,p,v,|,�,�,�,�,�,�,�,
--&-4@-&u-$�-%�-'�-$.4.:.A.H.\.n.�.�.2�.2�././?/
L/Z/b/$q/.�/"�/�/$0-0$K0p0|0�0#�0��0^1m1]z1
�1�1�1n
2y2,�2?�2333"3/3<3Q3i3
u3�3�3
�3�3�3�3
�3�3�3	4
4(4	74A4N4Z4g4	v4�4�4�4�4��4�5�5k�5-"6P6f6:�6�6�6�6�6�6�67r27	�7�7�7��7C�82�8L9R9	^9
h9us9�9�9�9J:M:R:X:]:	c:�m:��:m�;Q1<��<#=*=	J=
T=_=
l=z=�=�=�=�=�=�=�=�=l>	x>
�>�>$�>�>��>L?R?X?h?�u?%V@|@��@yA�A�A�A�A6�A'�A	B#B >B
_BmB
}B�BD�B�B	�BD�B)4C&^C%�C'�C$�C*�C!#DED^DxD�D�D:�DBE:JE�E�E�E�E�E	F+!FMFfF�F/�F%�F5�F?%G*eG#�GI�G�GHH&H8H>HFH	OHYH	bH	lHvH��HbIiI|I�I�I�I�I�I�I�IJJ(J4JDJUJaJwJ
�J�J�J�J�J	�J
�J�J�J�J	K)KHKbK~K�Kq�KL
LL0LL7L�L�L�L�L�LA�L�L�LMM
M�M��M*sN��O�DPD
QSOQ+�Q�Q��Q��R�T��T)UBU
KUVUW^U*�U�U�UVVV	 V	*V
4V?VKVTV\VhV&mV#�V+�V)�VMW0\W(�W^�WAX;WX�X�X�X�X�X�X�X	�X�X�X�X�X�X�X�XY	YYY-YJYWY
\Y	gYqYvYY
�Y�Y�Y�Y�Y�Y�Y�Y
�Y�Y�Y�Y�Y�Y�Y�Y�Y�Y�YZZ
Z$Z&(ZOZ�fZ
;\F\�H\�]U�]�]�^	�^�^	__"_)_6_F_S_i_v_�_�_�_�_�_�_�_�_```0`F`HS`c�`]af^aW�a�b��b�gcENd$�d�d�d�d�du�die	peze	�e�e�e�e�e�e�e�eff%fB>f*�f&�f'�f'�f'#gKg	OgYg`gsg�g�g�g'�g$�gh'h	:h	DhNh	Uh_h${h"�h�h#�h#i&+iRiYi`igi��ij$j^1j�j�j�jl�j 4k*Uk9�k	�k�k	�k	�k�k�k�kll&l6lClPlill�l�l�l�l�l�l�l�lmm#m9mFm	MmWmdm�kmn"nM)n%wn�n�n5�no	o	o"o8oHoeoj~o�o	�o	�o�	pW�p6"qHYq�q�q�qj�q4rArGr6Mr�r�r�r�r�r��r�Dso
tF}tr�t7u >u_ufumu}u	�u�u�u�u�u�uvv vo6v�v�v	�v�v�v{�v	rw	|w�w�w��wxx
�x�x�x	�x�x�x	�x2�x,yKy"ay*�y�y�y�y�yB�y/z6z<=z$zz$�z(�z�z{$+{P{o{�{�{�{�{3�{?|3U|�|�|�|�|�|�|,}@}S}i}*|} �}/�}A�}!:~!\~9~~	�~�~�~�~	
	+;BRYpv�}���������Ӏ���	��#�0�@�M�`�m���������ƁӁ�����*�H�f�������`��
�#�0�	F�HP�������	��ʃ=у��	�	$�.��;���#���І�h�@(�Di�'��ֈ���u�w���n���	�	�#�z0�+��	׌�����&�6�F�V�	i�s�z���(��(��3�.�PC�5��-ʎ^��CW�@��܏�
�
��
�
��	"�,�3�:�	>�H�	O�Y�`�c�	j�t�.{�����
��	ɐӐڐ�
���������#�*�1�5�<�C�J�Q�X�	\�f�m�y�����'����/���t���8y��s�[��L���Qu��$�AX�D
���m�vni��_��M����;�
�+)��Gz�{,G����S�aH���9��M�sn�/�v�	�o;Ei�R:�x�t:|�5}e-�N�I"pL����_4�� 8��*Zq{$~�7�(��Fqa�23
3�BIB�CjK��	�!�Y����N].,��VY���^z��\Zf1�y�rC5w�@0�h?�U�����}>Kb�e�d=����dP��<l����Xx|��^V��4=\�2oE�]&r�& 6%��J.�`D�J(wcHm`������O?�����-�j6F*g�A��"�Q��UW!#S�gRf~0�<���b�ucT��1[+T''k�P
��O7�k)�l���9�p�#��>%@Wh���- Select -/A connection tracking helper is assisting to make protocols work that are using different flows for signaling and data transfers. The data transfers are using ports that are unrelated to the signaling connection and are therefore blocked by the firewall without the helper.A firewalld icmptype provides the information for an Internet Control Message Protocol (ICMP) type for firewalld.A firewalld service is a combination of ports, protocols, modules and destination addresses.A firewalld zone defines the level of trust for network connections, interfaces and source addresses bound to the zone. The zone combines services, ports, protocols, masquerading, port/packet forwarding, icmp filters and rich rules. The zone can be bound to interfaces and source addresses.AboutAbout %sActionAction:Active BindingsAddAdd ChainAdd Command LineAdd ContextAdd Entries From FileAdd EntryAdd Forward PortAdd ICMP TypeAdd IPSetAdd InterfaceAdd PassthroughAdd PortAdd ProtocolAdd Rich RuleAdd RuleAdd ServiceAdd SourceAdd User IdAdd User NameAdd ZoneAdd a rule with the arguments args to a chain in a table with a priority.Add additional ports or port ranges, which need to be accessible for all hosts or networks that can connect to the machine.Add additional ports or port ranges, which need to be accessible for all hosts or networks.Add additional source ports or port ranges, which need to be accessible for all hosts or networks that can connect to the machine.Add additional source ports or port ranges, which need to be accessible for all hosts or networks.Add entries to bind interfaces to the zone. If the interface will be used by a connection, the zone will be set to the zone specified in the connection.Add entries to bind source addresses or areas to the zone. You can also bind to a MAC source address, but with limitations. Port forwarding and masquerading will not work for MAC source bindings.Add entries to forward ports either from one port to another on the local system or from the local system to another system. Forwarding to another system is only useful if the interface is masqueraded. Port forwarding is IPv4 only.Add protocols, which need to be accessible for all hosts or networks.Additional chains for use with rules.AddressAllAll FilesAll network traffic is blocked.An IPSet can be used to create white or black lists and is able to store for example IP addresses, port numbers or MAC addresses. ArgsArgs:AuditAudit:Authorization failed.AuthorsAutomatic HelpersBase Helper SettingsBase ICMP Type SettingsBase IPSet SettingsBase Service SettingsBase Zone SettingsBindingsBlock all network trafficBold entries are mandatory, all others are optional.Built-in helper, rename not supported.Built-in icmp, rename not supported.Built-in ipset, rename not supported.Built-in service, rename not supported.Built-in zone, rename not supported.ChainChain:ChainsChange Default ZoneChange Log DeniedChange LogDenied value.Change ZoneChange Zones of Connections...Change default zone for connections or interfaces.Change which zone a network connection belongs to.Change zone of bindingChanges applied.Command lineCommand linesCommentConfiguration:Configure Automatic Helper AssigmentConfigure Automatic Helper Assignment setting.Configure Shields UP/Down Zones...Configure Shields Up/Down ZonesConnection to FirewallD established.Connection to FirewallD lost.Connection to firewalld established.ConnectionsContextContextsCurrent default zone of the system.Currently visible configuration. Runtime configuration is the actual active configuration. Permanent configuration will be active after service or system reload or restart.Default TargetDefault ZoneDefault Zone '{default_zone}' active for connection '{connection}' on interface '{interface}'Default Zone:Default Zone: %sDefault Zone: '%s'Default zone '{default_zone}' {activated_deactivated} for connection '{connection}' on interface '{interface}'Default zone changed to '%s'.Default zone used by network connection '%s'Define ports or port ranges, which are monitored by the helper.Description:DestDestinationDestination:Direct ChainDirect ConfigurationDirect Passthrough RuleDirect RuleEdit ChainEdit Command LineEdit ContextEdit EntryEdit Firewall Settings...Edit Forward PortEdit ICMP TypeEdit IPSetEdit InterfaceEdit PassthroughEdit PortEdit ProtocolEdit Rich RuleEdit RuleEdit ServiceEdit SourceEdit User IdEdit User NameEdit ZoneElementElement:Enable NotificationsEntriesEntries of the IPSet. You will only be able to see entries of ipsets that are not using the timeout option, also only the entries, that have been added by firewalld. Entries, that have been directly added with the ipset command wil not be listed here.EntryErrorFailed to connect to firewalld. Please make sure that the service has been started correctly and try again.Failed to get connections from NetworkManagerFailed to load icons.Failed to read file '%s': %sFailed to set zone {zone} for connection {connection_name}FamilyFamily:FirewallFirewall AppletFirewall ConfigurationFirewallD has been reloaded.Forward to another portForwarding to another system is only useful if the interface is masqueraded.
Do you want to masquerade this zone ?Hashsize:HelperHelpersHere you can define which services are trusted in the zone. Trusted services are accessible from all hosts and networks that can reach the machine from connections, interfaces and sources bound to this zone.Here you can select the zones used for Shields Up and Shields Down.Here you can set rich language rules for the zone.Hide active runtime bindings of connections, interfaces and sources to zonesICMP FilterICMP TypeICMP TypesICMP Types can only be changed in the permanent configuration view. The runtime configuration of ICMP Types is fixed.IP address:IPSetIPSetsIPSets can only be created or deleted in the permanent configuration view.IPv4IPv4:IPv6IPv6:Icmp TypeIf Invert Filter is enabled, marked ICMP entries are accepted and the others are rejected. In a zone with the target DROP, they are dropped.If a command entry on the whitelist ends with an asterisk '*', then all command lines starting with the command will match. If the '*' is not there the absolute command inclusive arguments must match.If you enable local forwarding, you have to specify a port. This port has to be different to the source port.If you enable masquerading, IP forwarding will be enabled for your IPv4 networks.If you specify destination addresses, the service entry will be limited to the destination address and type. If both entries are empty, there is no limitation.IgnoreInitial hash size, default 1024InterfaceInterfacesInvalid nameInvert FilterLevel:LicenseLoad ICMP Type DefaultsLoad IPSet DefaultsLoad Service DefaultsLoad Zone DefaultsLocal forwardingLockdownLockdown WhitelistLockdown locks firewall configuration so that only applications on lockdown whitelist are able to change it.Lockdown:Log DeniedLog:Make runtime configuration permanentMarkMark the ICMP types in the list, which should be rejected. All other ICMP types are allowed to pass the firewall. The default is no limitation.Mark:Mask:Masquerade zoneMasqueradingMasquerading allows you to set up a host or router that connects your local network to the internet. Your local network will not be visible and the hosts appear as a single address on the internet. Masquerading is IPv4 only.Max number of elements, default 65536Maxelem:Meaning: Log of denied packets. But this is too long. LogDenied is also the parameter used in firewalld.conf.Automatic Helpers:Meaning: Log of denied packets. But this is too long. LogDenied is also the parameter used in firewalld.conf.Log Denied:Module:ModulesName already existsName:Netfilter helper modules are needed for some services.Network traffic is not blocked anymore.No Active Zones.No NetworkManager imports availableNo connection to firewall daemonOther Module:Other Protocol:Panic ModePanic Mode:Panic mode means that all incoming and outgoing packets are dropped.PassthroughPermanentPlease be careful with passthrough rules to not damage the firewall.Please configure base ICMP type settings:Please configure base helper settings:Please configure base ipset settings:Please configure base service settings:Please configure base zone settings:Please enter a mark with an optional mask.Please enter a port and protocol.Please enter a protocol.Please enter a rich rule.Please enter a source.Please enter an interface name:Please enter an ipset entry:Please enter an ipv4 address with the form address[/mask].Please enter an ipv4 or ipv6 address with the form address[/mask].Please enter an ipv6 address with the form address[/mask].Please enter the command line.Please enter the context.Please enter the user id.Please enter the user name.Please select a filePlease select a helper:Please select a netfilter conntrack helper:Please select a service.Please select an ICMP typePlease select an ipset:Please select default zone from the list below.Please select ipv and enter the args.Please select ipv and table and enter the chain name.Please select ipv and table, chain priority and enter the args.Please select the automatic helpers value:Please select the log denied value:Please select the source and destination options according to your needs.PortPort / Port Range:Port ForwardingPort and ProtocolPortsPrefix:PriorityPriority:ProtocolProtocol:ProtocolsReload FirewalldReloads firewall rules. Current permanent configuration will become new runtime configuration. i.e. all runtime only changes done until reload are lost with reload if they have not been also in permanent configuration.RemoveRemove All EntriesRemove ChainRemove Command LineRemove ContextRemove Entries From FileRemove EntryRemove Forward PortRemove ICMP TypeRemove IPSetRemove InterfaceRemove PassthroughRemove PortRemove ProtocolRemove Rich RuleRemove RuleRemove Selected EntryRemove ServiceRemove SourceRemove User IdRemove User NameRemove ZoneReset To DefaultRich RuleRich RulesRulesRuntimeRuntime To PermanentSelect zone for connection '%s'Select zone for interface '%s'Select zone for source %sSelect zone for source '%s'ServiceServicesServices can only be changed in the permanent configuration view. The runtime configuration of services is fixed.Shields Down Zone:Shields UpShields Up Zone:Short:Show active runtime bindings of connections, interfaces and sources to zonesSourceSource PortSource PortsSource:SourcesSpecify whether this ICMP Type is available for IPv4 and/or IPv6.SrcTableTable:Target:Text FilesThe Internet Control Message Protocol (ICMP) is mainly used to send error messages between networked computers, but additionally for informational messages like ping requests and replies.The context is the security (SELinux) context of a running application or service. To get the context of a running application use <tt>ps -e --context</tt>.The direct configuration gives a more direct access to the firewall. These options require user to know basic iptables concepts, i.e. tables, chains, commands, parameters and targets. Direct configuration should be used only as a last resort when it is not possible to use other firewalld features.The ipv argument of each option has to be ipv4 or ipv6 or eb. With ipv4 it will be for iptables, with ipv6 for ip6tables and with eb for ethernet bridges (ebtables).The lockdown feature is a light version of user and application policies for firewalld. It limits changes to the firewall. The lockdown whitelist can contain commands, contexts, users and user ids.The mark and the mask fields are both 32 bits wide unsigned numbers.The mask can be a network mask or a number for ipv4.
The mask is a number for ipv6.The mask can be a network mask or a number.The mask is a number.The passthrough rules are directly passed through to the firewall and are not placed in special chains. All iptables, ip6tables and ebtables options can be used.The priority is used to order rules. Priority 0 means add rule on top of the chain, with a higher priority the rule will be added further down. Rules with the same priority are on the same level and the order of these rules is not fixed and may change. If you want to make sure that a rule will be added after another one, use a low priority for the first and a higher for the following.This IPSet uses the timeout option, therefore no entries are visible here. The entries should be taken care directly with the ipset command.This feature is useful for people using the default zones mostly. For users, that are changing zones of connections, it might be of limited use.Timeout value in secondsTimeout:To AddressTo PortTo enable this Action has to be 'reject' and Family either 'ipv4' or 'ipv6' (not both).Trying to connect to firewalld, waiting...Type:Used by network connection '%s'User IDUser IdsUser idUser ids.User nameUser namesUser names.Version:WarningWith limit:ZoneZone '%s' activated for interface '%s'Zone '%s' activated for source '%s'Zone '%s': ICMP type '%s' is not available.Zone '%s': Service '%s' is not available.Zone '{zone}' active for connection '{connection}' on interface '{interface}'Zone '{zone}' active for interface '{interface}'Zone '{zone}' active for source {source}Zone '{zone}' {activated_deactivated} for connection '{connection}' on interface '{interface}'Zone '{zone}' {activated_deactivated} for interface '{interface}'Zone '{zone}' {activated_deactivated} for source '{source}'Zone: %sZones_File_Help_Options_Viewacceptactivatedalertcriticaldaydeactivateddebugdisableddropebemergencyenablederrorfirewall;network;security;iptables;netfilter;forward-porthouricmp-blockicmp-typeinfoinvertedipv4ipv4 and ipv6ipv6ipv:labellevellimitlogmarkmasquerademinutenatnoticeportprotocolrawrejectsecondsecurityservicesource-portwarningwith Type:yes{entry} (Default Zone: {default_zone}){entry} (Zone: {zone})Project-Id-Version: PACKAGE VERSION
Report-Msgid-Bugs-To: 
POT-Creation-Date: 2021-05-25 10:54-0400
PO-Revision-Date: 2018-11-16 08:29+0000
Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>
Language-Team: Chinese (Taiwan) (http://www.transifex.com/projects/p/firewalld/language/zh_TW/)
Language: zh_TW
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Plural-Forms: nplurals=1; plural=0;
X-Generator: Zanata 4.6.2
- 選取 -/連線追蹤輔助器是要輔助使用不同訊號、資料傳輸流向的協定運作。資料傳輸若使用無關訊號連線的連接埠,在沒有輔助器的情況下會被防火牆封鎖。firewalld icmptype 為 firewalld 提供網際網路控制訊息協定 (ICMP,Internet Control Message Protocol) 類型資訊。firewalld 服務可由連接埠、協定、模組、目的地位址等組合而成。firewalld 界域所定義的是綁定該界域之網路連線、介面、來源位址的信任等級。界域能結合服務、連接埠、協定、偽裝、連接埠/封包轉送、icmp 過濾、豐富規則等。界域可以與介面、來源位址等綁定。關於關於 %s動作動作:使用中的綁定加入加入鏈條加入指令列加入情境從檔案新增項目加入條目加入轉送連接埠加入 ICMP 類型加入 IPSet加入介面加入通透加入連接埠加入協定加入豐富規則加入規則加入服務加入來源加入使用者 ID加入使用者名稱加入界域加入有 args 引數的規則到有優先等級的表格的鏈條中。請添加其他連接埠或連接埠範圍,讓所有可連接至本機的主機或網路存取。新增額外的通訊埠或通訊埠範圍,並且必須能被所有主機或網路存取。加入其他來源連接埠或連接埠範圍,讓所有可連接至本機的主機或網路存取。加入其他來源連訊埠或連接埠範圍,讓所有主機或網路均可存取。請添加條目來將介面與此界域綁定。如果介面會被某連線使用,則界域將被設為連線中所指定的界域。請添加條目來將來源位址或區域與此界域綁定。您也可以綁定至 MAC 來源位址,但有限制。port forwarding 與 masquerading 都無法在 MAC 來源綁定上運作。新增條目來從本地端系統上的一個連接埠轉送至另一個連接埠,或由本地端系統轉送至另一部系統。僅在介面卡偽裝時才能轉送至另一部系統。連接埠轉送功能僅適用於 IPv4。新增通訊協定,並且必須能被所有主機或網路存取。要使用的規則的額外鏈條。位址全部所有檔案所有網路交通已封鎖。IPSet 可以用來建立白名單或黑名單,且可以儲存例如 IP 位址、連接埠號、或 MAC 位址等。引數引數:稽核稽核:授權失敗。作者自動輔助器基礎輔助器設定基礎 ICMP 類型設定基礎 IPSet 設定值基礎服務設定基礎界域設定綁定封鎖所有網路交通粗體的條目為強制項目,其他條目則為選用項目。內建輔助器,不支援重新命名。內建 icmp,不支援重新命名。內建 ipset,不支援重新命名。內建服務,不支援重新命名。內建界域,不支援重新命名。鏈鏈條:鏈條變更預設界域變更日誌被拒變更 LogDenied 值。變更區域變更連線的界域...變更連線或介面的預設界域。變更網路連線所屬的界域。變更綁定的界域變更已套用。指令列指令列備註組態:設定自動輔助器指派設定自動輔助器指派設定。設定防禦展開/卸下界域...設定防禦展開/卸下界域與 FirewallD 的連線已建立。與 FirewallD 的連線已中斷。連至 firewalld 的連線已建立。連線情境情境系統的目前預設界域。目前可見的組態。執行時期組態為實際使用中組態。永久組態將在服務或系統重新載入或重新啟動之後啟動。預設目標預設界域預設界域「{default_zone}」使用中:連線「{connection}」,介面「{interface}」預設域:預設界域:%s預設界域:「%s」預設界域「{default_zone}」{activated_deactivated}:連線「{connection}」,介面「{interface}」預設界域變更為「%s」。網路連線 '%s' 所使用的預設界域定義連接埠或連接埠範圍,由輔助器監控。描述:目標目的地目標:直接鏈條直接組態直接通透規則直接規則編輯鏈條編輯指令列編輯情境編輯條目編輯防火牆設定...編輯轉送連接埠編輯 ICMP 類型編輯 IPSet編輯介面編輯通透編輯連接埠編輯協定編輯豐富規則編輯規則編輯服務編輯來源編輯使用者 ID編輯使用者名稱編輯界域元素元素:啟用通知條目IPSet 的條目。您只能看到未使用逾時選項的 IPset 條目,以及加入 firewalld 的條目。已經透過 ipset 指令直接加入的條目不會在此列出。條目錯誤連接 firewalld 失敗。請確定該服務已正常啟動,然後重試。從 NetworkManager 取得連線失敗無法載入圖示。讀取檔案 '%s' 失敗:%s無法為連線 {connection_name} 設定區域 {zone}家庭家庭:防火牆防火牆面板程式防火牆組態FirewallD 已重新載入。轉送至其他連接埠轉送至其他系統的功能僅在介面為偽裝之時才會有用。
您是否想要偽裝此界域?Hashsize:輔助器輔助器你可以在此處定義該界域中有哪些服務值得信任。只要此界域所綁定之連線、介面、來源的主機與網路能觸及本機,則皆可存取這些信任的服務。您可以在這裡選取「防禦展開」與「防禦卸下」所要使用的界域。您可以在這裡設定界域的豐富語言規則。在界域中隱藏連線、介面及來源的使用中執行時期綁定ICMP 過濾器ICMP 類型ICMP 類型ICMP 類型僅可以在永久組態檢視下更動。ICMP 類型的執行時期組態是固定不變的。IP 位址:IPSetIPSetIPSet 只能在永久配置檢視下建立或刪除。IPv4IPv4:IPv6IPv6:Icmp 類型如果啟用了反轉篩選器,系統會接受已標示的 ICMP 項目,但拒絕其他項目。在目標為 DROP 的界域中,它們會被丟棄。如果白名單中的指令條目是以米字號「*」結尾,則所有以該指令列開頭的任何指令皆會匹配。如果「*」並非結尾,則必須精確符合該指令與相關引數。若您啟用本地端轉送,您就必須要指定連接埠。這個連接埠必須和來源連接埠不同。若您啟用偽裝,將為您的 IPv4 網路啟用 IP 轉送功能。若您指定目標位址,服務條目將限於目的地位址與類型。若兩條目皆空,則沒有限制。忽略初始雜湊大小,預設 1024介面介面無效的名稱反轉篩選器等級:授權條款載入 ICMP 類型預設值載入 IPSet 預設值載入服務預設值載入界域預設值本地端轉送封鎖管制封鎖管制白名單封鎖管制會鎖上防火牆組態,只有封鎖管制白名單中列出的應用程式可以改動組態。封鎖管制:已拒絕的日誌記錄:使 runtime 配置永久化標記將清單中應被拒絕的 ICMP 類型標記起來。其他所有 ICMP 則允許通過防火牆。預設值為無限制。標記:遮罩:偽裝界域偽裝偽裝可讓您設置個能讓您本本地端網路連至網際網路的主機或路由器。您的本地端網路不會被看見,且眾主機在網際網路上會顯示成單一位址。偽裝功能僅適用於 IPv4。元素最大數,預設 65536Maxelem:自動輔助器:已拒絕的日誌:模組:模組名稱已經存在名稱:有些服務必須有 Netfilter 輔助器模組。網路交通已不再封鎖。無使用中界域。無可用的 NetworkManager 匯入未有連接防火牆幕後程式的連線其他模組:其他協定:恐慌模式恐慌模式:恐慌模式代表所有連入與傳出封包都會直接丟棄。通透永久使用通透規則時請務必小心以免損壞防火牆。請調整基礎 ICMP 類型設定:請設定基礎輔助器設定值:請調整基礎 IPSet 設定值組態:請設定基礎服務設定:請設定基礎界域設定:請輸入標記與選用的遮罩。請輸入連接埠與協定。請輸入協定。請輸入豐富規則。請輸入來源。請輸入介面名稱:請輸入 ipset 項目:請從格式位址(或遮罩)輸入 IPV4 位址請從格式位址(或遮罩)輸入 IPV4 或 IPV6 位址。請從格式位址(或遮罩)輸入 IPV6 位址請輸入指令列。請輸入情境。請輸入使用者 ID。請輸入使用者名稱。請選擇一個檔案請選取輔助器:請選取 netfilter 連接追蹤輔助器:請選取服務。請選取 ICMP 類型請選取 IPset:請從下列清單中選取預設界域。請選取 ipv 並輸入引數。請選取 ipv 與表格,並輸入鏈條名稱請選取 ipv 與表格、鏈條優先等級,並輸入引數。請選取自動輔助器之值:請選擇已拒絕的日誌值:請根據您的需求選擇來源以及目的地選項。連接埠連接埠 / 連接埠範圍:連接埠轉送連接埠與通訊協定連接埠前綴:優先程度優先等級:協定通訊協定:協定重新載入 Firewalld重新載入防火牆規則。目前的永久組態會變成新的執行時期組態。舉例,所有的執行時期下的變動直到重新載入前都會有效:只要改變不是設在永久組態中,那麼一旦重新載入後所有改動都會消失。移除移除所有項目移除鏈條移除指令列移除情境從檔案中移除項目移除條目移除轉送連接埠移除 ICMP 類型移除 IPSet移除介面移除通透移除連接埠移除協定移除豐富規則移除規則移除選擇的項目移除服務移除來源移除使用者 ID移除使用者名稱移除界域重設回預設值豐富規則豐富規則規則執行時期使 Runtime 永久化選取「%s」連線的界域選取「%s」介面的界域選取 %s 來源的界域選取「%s」來源的界域服務服務服務僅可以在永久組態檢視下更動。服務的執行時期組態是固定不變的。防禦卸下界域:防禦展開防禦展開界域:簡短:在界域中顯示連線、介面及來源的使用中執行時期綁定來源來源連接埠來源連接埠來源:來源指明此 ICMP 類型在 IPv4 與/或 IPv6 中是否可用。來源表表格:目標:文字檔案網際網路控制訊息通訊協定 (Internet Control Message Protocol, ICMP) 主要用在連網電腦間錯誤訊息的傳送,不過也能被用來傳送像是 ping 請求和回應的資訊訊息。情境是指執行中應用程式或服務的安全情境 (SELinux 情境)。若要取得執行中應用程式的情境,請使用指令 <tt>ps -e --context</tt>。直接組態讓您可以更直接地存取防火牆。這些選項需要使用者知曉基礎的 iptables 概念,例如表格、鏈條、指令、參數、目標等。直接組態應該謹以「最後的避風港」的心態對待,只在無法使用其他 firewalld 功能時才使用。每個選項的 ipv 引數必須是 ipv4 或 ipv6 或 eb。ipv4 用於 iptables,ipv6 用於 ip6tables,而 eb 用於乙太網路接橋 (ebtables)。封鎖管制功能是 firewalld 其使用者與應用程式方針的輕量版。它會限制防火牆的更動。封鎖管制白名單可以包含指令、情境、使用者與使用者 ID。標記與遮罩欄位都是 32 位元寬的無正負號數字。IPv4 遮罩可以是網路遮罩或數字。
IPv6 遮罩是數字。遮罩可以是網路遮罩或數字。遮罩為數字。通透規則會直接傳遞給防火牆,而不會放入特殊鏈條中。所有的 iptabls、ip6tables 與 ebtables 選項皆可使用。優先等級用來排序規則。優先等級 0 代表將規則加到鏈條頂端;優先等級數字越高,規則會越往後擺放。相同優先等級的規則位在同個等級中,而這些規則的順序並非固定而可能變動。如果您想要確保某規則在某個規則之後才加入,前者請使用較低的優先等級,後者請使用較高的優先等級。這 IPSet 使用逾時值,因此此處看不到任何條目。這些條目應該直接透過 ipset 指令來處理。此功能對於大多數使用預設界域的人來說很有用處。至於更改連線的界域之使用者,這可能用處不大。時限值,單位為秒時限:至位址至連接埠要啟用此功能,「動作」必須是「拒絕」而「家族」必須是「ipv4」或「ipv6」(而非兩者)。正在嘗試連上 firewalld,等待中...類型:由「%s」網路連線使用使用者 ID使用者 ID使用者 ID使用者 ID。使用者名稱使用者名稱使用者名稱。版本:警告有限制:界域界域「%s」已啟動:介面「%s」界域「%s」已啟動:來源「%s」界域「%s」:ICMP 類型「%s」無法使用。界域「%s」:服務「%s」無法使用。界域「{zone}」使用中:連線「{connection}」,介面「{interface}」界域「{zone}」使用中:介面「{interface}」界域「{zone}」使用中:來源 {source}界域「{zone}」{activated_deactivated}:連線「{connection}」,介面「{interface}」界域「{zone}」{activated_deactivated}:介面「{interface}」界域「{zone}」{activated_deactivated}:來源「{source}」界域:%s界域檔案(_F)求助(_H)選項(_O)檢視(_V)接受已啟動警示嚴重日已停止除錯已停用丟落eb緊急已啟用錯誤防火牆;網路;安全性;iptables;netfilter;forward-port小時icmp-blockicmp-type資訊反轉ipv4ipv4 與 ipv6ipv6ipv:標籤等級限制記錄標記偽裝分鐘nat注意接埠協定原始拒絕秒安全性服務source-port警告此類型:是{entry} (預設界域:{default_zone}){entry} (界域:{zone})