Firewalld On Centos 8

Support for security such as Firewalls and securing linux
Post Reply
sabto
Posts: 1
Joined: 2019/10/27 23:32:48

Firewalld On Centos 8

Post by sabto » 2019/10/27 23:40:27

Hi Team

Hope you well today.

I just installed Centos 8 and by default there is no Iptables. So i installed firewalld and start it.

yum install firewalld
systemctl enable firewalld
systemctl start firewalld
service firewalld start

But when I checked using iptabels -nL command, then there is no zone applied.

root@srv2-xandros ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Because usually on centos 7, once we installed and started firewalld, then there will be shown lot of firewall rules applied.

Thanks
Sabto

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Firewalld On Centos 8

Post by TrevorH » 2019/10/28 10:12:41

Firewalld on CentOS 8 uses nftables as its backend, not iptables.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Firewalld On Centos 8

Post by jlehtone » 2019/10/28 21:36:31

Try:

Code: Select all

nft list ruleset

[Edit:]
If you look at the file 'iptables', then you will see that it is mere symlink to "xtables" binary that uses nftables API. A backward-compatibility tool that accepts "iptables syntax" but somehow translates them into nft rules.

However, rules added and seen with 'iptables' are a subset of the nftables ruleset that CentOS 8 has by default. (Firewalld adds a different subset.)

Post Reply