On 25-10-2014 09:40, Timothy Murphy wrote: > Vijay Rajah wrote: > >> You can still use iptables with Centos7, if you want... (AFAIK both >> firewalld & iptables use the same kernel functions) Yes.. both are just frontends for iptables with profile presets, no more than that. > As a matter of interest, how does firewalld compare with shorewall? > They look rather similar. Pretty much same idea, but firewalld should be more evolved in terms of user friendly. It even has a GUI if you want. firewalld also has other abilities, like allowing changing just the runtime configuration, or just the persistent one.. Yet, if you are an advanced shorewall/iptables user, you may struggle to do the same on firewalld without resorting to its --direct commands. > I am running CentOS-7 on a home server, with shorewall. > I was not aware until I read this thread that firewalld was installed, > but I find now that it is running. > I'm rather surprised there have been no conflicts with shorewall. > Maybe one over-rules the other? > > (I notice it is installed but not running on my Fedora-20 laptop.) Probably your shorewall is just starting later than firewalld and is overwritting firewalld rules Marcelo