On Aug 11, 2014, at 1:16 PM, Always Learning <cen...@u62.u22.net> wrote:
> Stating one's dread of having imposed as a standard, a firewall that can
> not control outgoing packets and has dumbed-down Micro$oft-like 'zones'
> and the possible future removal of IP Tables from the very much admired
> CentOS version of RHEL, is probably a desperate call for sanity to
> prevail at Red Hat.

'FirewallD' doesn't replace 'iptables' except in the sense of activated system 
services, not the core firewall functionality.  FirewallD just builds and 
modifies iptables rules.  If anything, FirewallD might make it easier to 
migrate to nftables (a potential replacement for iptables) when that becomes 
mature[1].  But that's nowhere on the radar right now.

If you don't like FirewallD, don't use it.  It's just a tool to make managing
your firewall easier, and to allow the OS and user to dynamically load rules
depending on certain logic.  It replaces the monolithic /etc/sysconfig/iptables 
file and the 'iptables' systemd unit.  No one is talking about removing the 
core netfilter technology behind 'iptables'.

Just reading this thread makes me wonder if people criticizing FirewallD 
actually even tried it or even read the documentation!


1.) http://netfilter.org/projects/nftables/

--
Jonathan Billings <billi...@negate.org>



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
