[CentOS] FirewallD and Network manager on production servers (C7)

Sat Jul 19 19:34:53 UTC 2014
Ljubomir Ljubojevic <centos at plnet.rs>

On 07/15/2014 08:25 PM, Florian La Roche wrote:
> Hello Eero Volotinen,
> 
> On Tue, Jul 15, 2014 at 08:59:14PM +0300, Eero Volotinen wrote:
>> Hi List,
>>
>> Are you really using firewalld and network-manager on Centos 7 production
>> servers or old way disabling network manager and using pure iptables like
>> on C6?
> 
> I tried to disable NetworkManager, but then ran into the following bug:
> https://bugzilla.redhat.com/show_bug.cgi?id=1105770
> 
> Instead of adjusting the file, I have now switched over to NetworkManager
> (even for local static routes).
> 
> For iptables I'd rather stay with static rules, so iptables is the
> right thing for me...
> 
> (Next item is tuned, which also looks a bit overkill to keep running.)
> 
> Best regards,
> 
> Florian La Roche
> 

NetworkManager does not fully support Bridge interfaces, so since I use
(one for now) C7 server for KVM host, I disabled it and use network instead.

I will also use shorewall instead of Firewalld, at least until I can
understand how it works (stupid looking thing without obvious way of
using it).



-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant