[CentOS] Stupid C7 firewall question

Thu Oct 25 14:53:13 UTC 2018
Blake Hudson <blake at ispn.net>

Joel Freeman wrote on 10/24/2018 9:06 PM:
> On a similar note, is there any reason to use Firewalld over IPTables?
> I'm incredibly new to Linux administration, and would like to hear your guys'
> opinions on it.
> Many thanks,
> Joel.

My first impression was that firewalld and NetworkManager had a more
desktop-oriented/plug-n-play type feel compared to traditional tools
like network and iptables, so I chose to stick with the latter on my
servers (manual IP4/IP6 configuration and a handful of services, some
open to the public internet while others open only to certain sources).
For a laptop or desktop (which probably uses DHCP and has few, if any,
publicly accessible services) I'd probably stick with the former. I have
no idea how well tools like fail2ban or logwatch integrate with
firewalld, but if they work as well as or better than with iptables, that
would be great. Warren is correct that the firewall-cmd interface is
probably more intuitive for most folks (especially those not familiar
with managing iptables).