On Jul 28, 2021, at 08:44, Jonathan Billings <billings at negate.org> wrote:> > For what it?s worth, if you use the fail2ban-firewalld package, it uses ipset rather than iptables, which is more efficient.That?s in CentOS 7 though. CentOS 8 firewalld uses nft instead of the older netfilter (iptables/ipset) code. -- Jonathan Billings
mario juliano grande-balletta
2021-Jul-28 12:56 UTC
[CentOS] VzLinux - Opinions? Thoughs, Comments? - no microsoft involvement/contamination
Anyone using or working with VzLinux, seems to be an upstream distro of CentOS/RHEL and no vendors involved.... Would love to hear experiences..... thanks! :-) On Wed, 2021-07-28 at 08:49 -0400, Jonathan Billings wrote:> On Jul 28, 2021, at 08:44, Jonathan Billings <billings at negate.org> > wrote: > > For what it?s worth, if you use the fail2ban-firewalld package, it > uses ipset rather than iptables, which is more efficient. > That?s in CentOS 7 though. CentOS 8 firewalld uses nft instead of the > older netfilter (iptables/ipset) code. > --Jonathan > Billings_______________________________________________CentOS mailing > listCentOS at centos.orghttps://lists.centos.org/mailman/listinfo/centos
>> For what it?s worth, if you use the fail2ban-firewalld package, it uses ipset rather than iptables, which is more efficient. > >That?s in CentOS 7 though.>CentOS 8 firewalld uses nft instead of the older netfilter (iptables/ipset) code.Is that an improvement? I'm still running Centos7 so I'm not familiar with it.