Once upon a time, Samuel Sieb <samuel@xxxxxxxx> said: > I still make my own iptables scripts, mostly using fwbuilder. I > think it might be possible to add the dynamic rules I would like to > have if I switch to firewalld, but I haven't had the time for that > yet. And then there's nftables which is the new replacement for > iptables. Just to clear up some misconception: firewalld is not a replacement for iptables. firewalld is a front-end to iptables, similar to shorewall and some other firewall management tools. firewalld (and shorewall and so on) is a replacement for manually writing rules and putting them in /etc/sysconfig/iptables though. However, iptables is being replaced by nftables (similar to how iptables replaced ipchains in the past). firewalld can use either as a back end. nftables can also be configured using an iptables front-end translator (so if all you want to do is manually write iptables-style rules, that will actually still work with the nftables back-end). -- Chris Adams <linux@xxxxxxxxxxx> _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
