[SOLVED]firewalld vs iptables.service

Support for security such as Firewalls and securing linux
Post Reply
User avatar
dmunk
Posts: 37
Joined: 2016/03/16 03:33:49

[SOLVED]firewalld vs iptables.service

Post by dmunk » 2016/03/20 17:19:22

Hello,

I know cent7 uses firewalld by default. However, I typically turn it off and use iptables.service. Just wondering if anyone else does this as well. In my case it is easier to just use a bash script or old saved iptables-save for initial firewall set up. Is there a reason firewalld is now the default? Was just curious if it was a security concern or a usability issue.

Thanks,

dmunk
Last edited by dmunk on 2016/03/20 17:45:16, edited 1 time in total.

aks
Posts: 3054
Joined: 2014/09/20 11:22:14

Re: firewalld vs iptables.service

Post by aks » 2016/03/20 17:37:02

As a guess, I suspect RH is trying to abstract the firewall behind a tool (or set of tools) so that changes are not so dramatic Perhaps nftables is the future?

User avatar
dmunk
Posts: 37
Joined: 2016/03/16 03:33:49

SOLVED Re: firewalld vs iptables.service

Post by dmunk » 2016/03/20 17:44:52

Thanks. I agree. Guessing maybe makes things easier with things like puppet and the like. I'll just say this is solved.

scottro
Forum Moderator
Posts: 2476
Joined: 2007/09/03 21:18:09
Location: NYC
Contact:

Re: [SOLVED]firewalld vs iptables.service

Post by scottro » 2016/03/20 17:48:10

Two of us do, and one other person doesn't. (Turn off firewalld and use iptables.)

Although I'm one who turns it off, I agree with the one who doesn't, who says, You know that sooner or later we'll have to learn this.
New users should check the FAQ and Read Me First pages

jeffmcneill
Posts: 1
Joined: 2016/11/01 02:28:19

Re: [SOLVED]firewalld vs iptables.service

Post by jeffmcneill » 2016/11/06 03:28:25

This resource is a nice comparison. Basically, yes, firewalld sits on top of iptables, but has more functionality as well. See: https://www.unixmen.com/iptables-vs-firewalld/

Post Reply

Return to “CentOS 7 - Security Support”