[CentOS] CentOS 8: what changed (regular UNIX admin commands)?

Wed Oct 23 20:32:19 UTC 2019
Jonathan Billings <billings at negate.org>

On Oct 22, 2019, at 15:04, Chris Adams <linux at cmadams.net> wrote:
> firewalld is not really the same thing as iptables though; it's more of
> a management layer on top of just writing raw rules.  One big issue I
> have though is that firewalld always sets up kernel connection state
> tracking, which is not a good thing for some uses (high-traffic DNS
> servers for example).

One major change is that the Firewalld in el8 doesn’t use “iptables” rules (netfilter) but instead “nft” rules (nftables). 

Jonathan Billings