2.2. Zone

A zone is defined by an arbitrary name and the interface used by the firewall to communicate with the hosts of that zone.

Usually a network with a firewall is made up of 3 zones: the internal net (usually called good because that is where we, the good ones, are :-) ), which must be given a high level of security; the external net, generally the Internet (usually called bad because that is where the wicked are, who "certainly" want to enter our good zone ;-( ); and finally the zone that holds our public servers, such as a web server (usually called dmz, demilitarized zone), which cannot be as completely armoured as the good zone because its public services have to be accessible to Internet users. Of course a network can be much more complex, with several dmz or good zones, but if you want to set up a good firewall you essentially have to follow these rules.

Click on "Create new zone" to open a short form where you can set the name to assign to the new zone (good, bad, dmz, my_zone, etc.) and the network interface used to reach it (eth0, eth1, ppp0, etc.).

Now you can click on Create and the new zone will be recorded permanently.

Clicking on the name of an existing zone lets you modify the network interface the zone is associated with.