Firewalld On Centos 8

Support for security such as Firewalls and securing linux
sabto
Posts: 1
Joined: 2019/10/27 23:32:48

Firewalld On Centos 8

Post by sabto » 2019/10/27 23:40:27

Hi Team

Hope you are well today.

I just installed CentOS 8 and by default there is no iptables. So I installed firewalld and started it.

yum install firewalld
systemctl enable firewalld
systemctl start firewalld
service firewalld start

But when I checked using the iptables -nL command, there was no zone applied.

[root@srv2-xandros ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Because usually on CentOS 7, once we installed and started firewalld, a lot of applied firewall rules would be shown.

Thanks
Sabto

TrevorH
Forum Moderator
Posts: 27382
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Firewalld On Centos 8

Post by TrevorH » 2019/10/28 10:12:41

Firewalld on CentOS 8 uses nftables as its backend, not iptables.
CentOS 6 will die in November 2020 - migrate sooner rather than later!
CentOS 5 has been EOL for nearly 3 years and should no longer be used for anything!
Full time Geek, part time moderator. Use the FAQ Luke

jlehtone
Posts: 2482
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Firewalld On Centos 8

Post by jlehtone » 2019/10/28 21:36:31

Try:

nft list ruleset

[Edit:]
If you look at the file 'iptables', then you will see that it is a mere symlink to an "xtables" binary that uses the nftables API. A backward-compatibility tool that accepts "iptables syntax" but somehow translates them into nft rules.

However, rules added and seen with 'iptables' are a subset of the nftables ruleset that CentOS 8 has by default. (Firewalld adds a different subset.)
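
Added example, not part of the thread and not any poster's code: a small shell helper that shows which tables in `nft list ruleset` output belong to firewalld and which belong to the iptables compatibility tool, which is why `iptables -nL` can look empty while firewalld is filtering. The sample ruleset is constructed, and the table-name convention used for classification is an assumption stated in the comments.

```shell
#!/bin/sh
# Constructed sample of `nft list ruleset` output (not captured from a real host).
sample_ruleset() {
cat <<'EOF'
table ip filter {
    chain INPUT {
        type filter hook input priority 0; policy accept;
    }
}
table inet firewalld {
    chain filter_INPUT {
        type filter hook input priority 10; policy accept;
        ct state established,related accept
        reject with icmpx type admin-prohibited
    }
}
table ip firewalld {
    chain nat_PREROUTING {
        type nat hook prerouting priority -90; policy accept;
    }
}
EOF
}

# Read `nft list ruleset` text on stdin; print "family table owner" per table.
# Assumption: firewalld names its nftables tables "firewalld"; the iptables
# compatibility tool uses the classic names filter/nat/mangle/raw/security.
classify_tables() {
    awk '$1 == "table" {
        owner = "other"
        if ($3 == "firewalld") owner = "firewalld"
        else if ($3 ~ /^(filter|nat|mangle|raw|security)$/) owner = "iptables-compat"
        print $2, $3, owner
    }'
}

# Map the output of `iptables -V` to the backend that binary talks to.
iptables_variant() {
    case "$1" in
        *"(nf_tables)"*) echo nft ;;
        *"(legacy)"*)    echo legacy ;;
        *)               echo unknown ;;
    esac
}

# Live use (as root): sh thisfile --live
if [ "${1:-}" = "--live" ]; then
    iptables_variant "$(iptables -V)"
    nft list ruleset | classify_tables
fi
```

Only the tables marked `iptables-compat` are visible through `iptables -nL`; the `firewalld` ones have to be audited with `nft` or `firewall-cmd`.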
