On Sun, Apr 19, 2020 at 9:45 AM Anand Buddhdev <anandb at ripe.net> wrote: > > Personally though, I find firewalld to be cumbersome, so I remove it > completely, and installed instead "iptables-services". > Ya, i agonized over accepting firewalld. I'm a smalltime manager who wears many hats and doesn't have alot of time to practice sysadmin skills. It took me about 5 years to get confident with iptables and go from fresh install to company firewall in one sitting. Now that I've adopted firewalld which has a wider variety of command/rule statements, I am constantly hitting "man firewall-cmd" and cannot competently recall iptables in any comprehensible way; it's like mixing Japanese and English whenever I try to communicate with a centos box firewall, heh.