Yamaban wrote:
>> So is the goal for firewalld to implement a GUI for iptables? What is the
>> "value added" by firewalld?
>> Thanks....Nick Geo
>
> Well, the order from Kernel inside outward is:
>
> 1. Netfilter (inside Kernel), not directly accessible by userland
>
> 2. iptables/iptables6, the userland cli tools to manipulate the Netfilter
> entries, mighty and complex, error-prone for casual use.
>
> 3. firewalld(RedHat/CentOS), or SuSEfirewall(Suse), or similar are the
> tools that simplify the task of creating the needed iptable rules, as
> not every one wants to write them by hand.
>
> 4. GUI tools, that allow to manipulate the config of firewalld (or
> similar),
> for those that are unfamilar with the command line, or want a quick
> and graphical way to do the job needed.
It might be mentioned that the previous firewall is still available.
It can obtained by "yum install system-config-firewall".
Actually I use shorewall - I'm not sure how this compares with firewalld.
It is certainly much better documented.
--
Timothy Murphy
gayleard /at/ eircom.net
School of Mathematics, Trinity College, Dublin
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
