On 30 March 2017 at 19:47, Mark Milhollan <mlm@xxxxxxxxxxxxx> wrote:
> On Wed, 29 Mar 2017, Robert Moskowitz wrote:
>>On 03/29/2017 07:38 AM, Leon Fauster wrote:
>
>>>We have good results with http://www.shorewall.net/ an iptables
>>>"abstraction".
>>>Despite its not a GUI, the streamlined configuration helps to be effective.
>>
> >From what I can determine, it is still iptables. Not firewalld.
>
> That's what Leon said, shorewall is an iptables abstraction, and
> iptables is a command that manipulates netfilter.
>
> FirewallD is similar in that it abstracts and simplifies using netfilter
> without using the iptables command. Which has a GUI that can be used
> remotely but it is not web based as requested. Fedora's CoPilot
> probably has a module for it, but I don't know that it can be used with
> a CentOS based server. Webmin likely has a module for it by now.
>
>
Minor correction here ... firewalld is an iptables abstraction like
shorewall and it doesn't link into netfilter directly.
You can see that here:
https://github.com/t-woerner/firewalld/blob/master/src/firewall/core/ipXtables.py
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
