On 30 March 2017 at 19:47, Mark Milhollan mlm@pixelgate.net wrote:
On Wed, 29 Mar 2017, Robert Moskowitz wrote:
On 03/29/2017 07:38 AM, Leon Fauster wrote:
We have good results with http://www.shorewall.net/ an iptables "abstraction". Despite its not a GUI, the streamlined configuration helps to be effective.
From what I can determine, it is still iptables. Not firewalld.
That's what Leon said, shorewall is an iptables abstraction, and iptables is a command that manipulates netfilter.
FirewallD is similar in that it abstracts and simplifies using netfilter without using the iptables command. Which has a GUI that can be used remotely but it is not web based as requested. Fedora's CoPilot probably has a module for it, but I don't know that it can be used with a CentOS based server. Webmin likely has a module for it by now.
Minor correction here ... firewalld is an iptables abstraction like shorewall and it doesn't link into netfilter directly.
You can see that here:
https://github.com/t-woerner/firewalld/blob/master/src/firewall/core/ipXtabl...