[CentOS] CentOS 8: what changed (regular UNIX admin commands)?

Jonathan Billings

billings at negate.org
Wed Oct 23 20:32:19 UTC 2019

On Oct 22, 2019, at 15:04, Chris Adams <linux at cmadams.net> wrote:
> firewalld is not really the same thing as iptables though; it's more of
> a management layer on top of just writing raw rules.  One big issue I
> have though is that firewalld always sets up kernel connection state
> tracking, which is not a good thing for some uses (high-traffic DNS
> servers for example).

One major change is that the Firewalld in el8 doesn’t use “iptables” rules (netfilter) but instead “nft” rules (nftables). 

Jonathan Billings

More information about the CentOS mailing list