Firewalld and iptables

PSA: if you are working with iptables on RHEL 7 and you want to move to firewalld, don't uninstall iptables. Iptables actually acts as the go-between for netfilter and firewalld. Also, if you uninstall iptables you will be uninstalling applications that have rules associated with them. Stick with masking iptables and unmasking firewalld. You can uninstall the iptables-services package safely, but never the iptables package.

Comments

  • hiddenknight821
    Agreed. I actually discovered this when I set up fail2ban on my server. You can learn a lot by just paging through the systemctl list-units --type=service --all on a vanilla install.

    And a quick way to tell is that you can still run the iptables -L command.