[CentOS] C7, firewalld and rich rules
Gordon Messmer
gordon.messmer at gmail.com
Thu Jan 31 17:13:31 UTC 2019
On 1/30/19 10:05 PM, Simon Matter via CentOS wrote:
> Did you look at Shorewall? IMHO that's what is best used in such
> situations and it works since many years now.
shorewall doesn't support nftables, which is largely the point of
firewalld: The Linux firewall system is currently undergoing yet
another deprecation and migration from iptables to nftables. firewalld
should remain stable during the migration process. As far as I know,
there are no plans to support nftables under shorewall, so new users
will most likely throw away any investment they make in learning and
implementing shorewall.
More information about the CentOS
mailing list