Firewalld On Centos 8

Support for security such as Firewalls and securing linux
Post Reply
Posts: 1
Joined: 2019/10/27 23:32:48

Firewalld On Centos 8

Post by sabto » 2019/10/27 23:40:27

Hi Team

Hope you well today.

I just installed Centos 8 and by default there is no Iptables. So i installed firewalld and start it.

yum install firewalld
systemctl enable firewalld
systemctl start firewalld
service firewalld start

But when I checked using iptabels -nL command, then there is no zone applied.

root@srv2-xandros ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Because usually on centos 7, once we installed and started firewalld, then there will be shown lot of firewall rules applied.


User avatar
Forum Moderator
Posts: 29069
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Firewalld On Centos 8

Post by TrevorH » 2019/10/28 10:12:41

Firewalld on CentOS 8 uses nftables as its backend, not iptables.
CentOS 6 will die in November 2020 - migrate sooner rather than later!
Info for USB installs on
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

User avatar
Posts: 2925
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Firewalld On Centos 8

Post by jlehtone » 2019/10/28 21:36:31


Code: Select all

nft list ruleset

If you look at the file 'iptables', then you will see that it is mere symlink to "xtables" binary that uses nftables API. A backward-compatibility tool that accepts "iptables syntax" but somehow translates them into nft rules.

However, rules added and seen with 'iptables' are a subset of the nftables ruleset that CentOS 8 has by default. (Firewalld adds a different subset.)

Post Reply

Return to “CentOS 8 - Security Support”