search for: xyzzyt

...tain classes of systems need to be done automagically. For most RHEL-7 systems which have custom iptables rules.. I thought the package iptables-services.x86_64 sets up everything to keep that going. If you need to move to firewalld because it should support future formats ( nftables, plughtables, xyzzytables, etc.) you are going to need to learn the tool just like you had to from ipchains to iptables days. [Pretty much every conversion tool from ipchains to iptables worked only on the simplest but anyone with a custom firewall ended up having to learn the syntax.] > mark, still lookin...

On 1/30/19 10:05 PM, Simon Matter via CentOS wrote: > Did you look at Shorewall? IMHO that's what is best used in such > situations and it works since many years now. shorewall doesn't support nftables, which is largely the point of firewalld:? The Linux firewall system is currently undergoing yet another deprecation and migration from iptables to nftables. firewalld should