Hi, everyone
I’m using Debian 11 and firewalld to manage firewall, when I check my default zone (external zone) I notice there so many veth* interface added to that zone, by restarting the firewalld using firewall-cmd --reload those interface are gone.

But what is this?

Also I started the docker daemon with iptables: false on daemon.json

external (active)
  target: default
  icmp-block-inversion: no
  interfaces: eno1 veth05c56e1 veth0bfce29 veth1066761 veth1ad92e9 veth24959fc veth28af218 veth3e119b7 veth67b896b veth9a88a33 vethb7311bb vethcef0be8 vethecd4fbc vethed61210
  sources:
  services: dns docker-swarm http https mountd nfs rpc-bind ssh
  ports:
  protocols:
  forward: no
  masquerade: yes
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Docker creates veth interfaces for inter-container communication. That is probably what you see.