> On 1/30/19 10:05 PM, Simon Matter via CentOS wrote: >> Did you look at Shorewall? IMHO that's what is best used in such >> situations and it works since many years now. > > > shorewall doesn't support nftables, which is largely the point of > firewalld: The Linux firewall system is currently undergoing yet > another deprecation and migration from iptables to nftables. firewalld > should remain stable during the migration process. As far as I know, > there are no plans to support nftables under shorewall, so new users > will most likely throw away any investment they make in learning and > implementing shorewall. IIRC nftables has a compatibility mode with iptables? Anyway, I thought the future on Linux is bpfilter, no? Until then, I'll continue to enjoy Shorewall as I did for more a decade now. Regards, Simon _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
Re: C7, firewalld and rich rules
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: C7, firewalld and rich rules
- From: Simon Matter via CentOS <centos@xxxxxxxxxx>
- Date: Thu, 31 Jan 2019 18:35:01 +0100
- Importance: Normal
- In-reply-to: <6816de27-23b6-3d64-7ce5-49c38cb29431@gmail.com>
- References: <487b7916986b680d39df27536d3c03f2.squirrel@host290.hostmonster.com> <216d525297fc9dbdcb867d53d50c941b.squirrel@webmail.bi.invoca.ch> <6816de27-23b6-3d64-7ce5-49c38cb29431@gmail.com>
- User-agent: SquirrelMail/1.4.22
- References:
- C7, firewalld and rich rules
- From: mark
- Re: C7, firewalld and rich rules
- From: Simon Matter via CentOS
- Re: C7, firewalld and rich rules
- From: Gordon Messmer
- C7, firewalld and rich rules
- Prev by Date: Re: centos dfcp send hostname to microsoft dhcp/dns
- Next by Date: Re: C7, firewalld and rich rules
- Previous by thread: Re: C7, firewalld and rich rules
- Next by thread: Re: C7, firewalld and rich rules
- Index(es):
 |