[CentOS] yum remove iptables problem

Tue May 7 07:58:09 UTC 2019
Pete Biggs <pete at biggs.org.uk>

On Tue, 2019-05-07 at 12:07 +1000, Jobst Schmalenbach wrote:
> Hi
> Just got a new server replacing another server.
> I had to use iptables to protect it until I could move a hardware
> firewall from the old server to the new server.
> Now I am trying to delete iptables but it wants to delete lots of
> other dependency packages, e.g. sendmail, cyrus-sasl and even
> plymouth.

Two comments on this really.  First, why get rid of the iptables
package(s)?  Lots of things need it, it's fairly fundamental to the
network.  Why not just disable iptables - something like

   systemctl disable iptables 

is perfectly fine.

Second, why even disable it? The only reason I can see to disable or
stop using it is to use, say, firewalld instead.  All my machines still
run some form of local firewall configuration even though they are
behind 3, 4 or 5 hardware firewalls.

> Can I just use "force" and "no-dependecies" to get rid of it?

No. The dependencies are there for a reason and the things that are
dependent on it would probably just stop working.  Those options are
the "nuclear options" they aren't there because it's inconvenient to
have dependencies.