On Oct 22, 2019, at 15:04, Chris Adams <li...@cmadams.net> wrote: > > firewalld is not really the same thing as iptables though; it's more of > a management layer on top of just writing raw rules. One big issue I > have though is that firewalld always sets up kernel connection state > tracking, which is not a good thing for some uses (high-traffic DNS > servers for example).
One major change is that the Firewalld in el8 doesn’t use “iptables” rules (netfilter) but instead “nft” rules (nftables). -- Jonathan Billings _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
