Hello,
I know cent7 uses firewalld by default. However, I typically turn it off and use iptables.service. Just wondering if anyone else does this as well. In my case it is easier to just use a bash script or old saved iptables-save for initial firewall set up. Is there a reason firewalld is now the default? Was just curious if it was a security concern or a usability issue.
Thanks,
dmunk
[SOLVED]firewalld vs iptables.service
Last edited by dmunk on 2016/03/20 17:45:16, edited 1 time in total.
Re: firewalld vs iptables.service
As a guess, I suspect RH is trying to abstract the firewall behind a tool (or set of tools) so that changes are not so dramatic. Perhaps nftables is the future?
SOLVED Re: firewalld vs iptables.service
Thanks. I agree. Guessing maybe makes things easier with things like puppet and the like. I'll just say this is solved.
Re: [SOLVED]firewalld vs iptables.service
Two of us do, and one other person doesn't. (Turn off firewalld and use iptables.)
Although I'm one who turns it off, I agree with the one who doesn't, who says, "You know that sooner or later we'll have to learn this."
Re: [SOLVED]firewalld vs iptables.service
This resource is a nice comparison. Basically, yes, firewalld sits on top of iptables, but has more functionality as well. See: https://www.unixmen.com/iptables-vs-firewalld/