Re: Need firewalld clue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]




On Sun, 13 Dec 2015 01:46, Nicholas Geovanis <nickgeovanis@...> wrote:

I don't really understand the intent behind firewalld. The RHEL7 Security
Guide states "A graphical configuration tool, *firewall-config*, is used to
configure firewalld, which in turn uses *iptables tool* to communicate with
*Netfilter* in the kernel which implements packet filtering".

So is the goal for firewalld to implement a GUI for iptables? What is the
"value added" by firewalld?
   Thanks....Nick Geo

Well, the order from Kernel inside outward is:

1. Netfilter (inside Kernel), not directly accessible by userland

2. iptables/iptables6, the userland cli tools to manipulate the Netfilter
   entries, mighty and complex, error-prone for casual use.

3. firewalld(RedHat/CentOS), or SuSEfirewall(Suse), or similar are the
   tools that simplify the task of creating the needed iptable rules, as
   not every one wants to write them by hand.

4. GUI tools, that allow to manipulate the config of firewalld (or similar),
   for those that are unfamilar with the command line, or want a quick and
   graphical way to do the job needed.

Does that answer your question about *value added* by GUI tools?

Not every user that needs to change firewall settings is a certified UNIX admin.

 - Yamaban.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux