> From: mattdm@fedoraproject.org
> To: firewalld-users@lists.fedorahosted.org
> Subject: Re: what are the advantages of firewalld over iptables?
>
> On Wed, Aug 19, 2015 at 11:54:54AM -0400, Patrick Hinkley wrote:
> > this is probably a silly question, but I haven't been able to find a
> > very good comparison outlining the advantages of firewalld over
> > iptables -- what are they?
>
> There are two big ones:
>
> - higher-level API programs can use
> - keeping track of state
>
> The classic example for the last one is that with firewalld, you can
> restart iptables without breaking all of your virtual machines.

Do I understand correctly that the state issue (failure to maintain established connections) is only relevant when restarting iptables (service iptables restart), not when e.g. adding/deleting a rule (iptables -A / iptables -D) or restoring (iptables-restore < /etc/sysconfig/iptables)?

>
> --
> Matthew Miller
> <mattdm@fedoraproject.org>
> Fedora Project Leader
> _______________________________________________
> firewalld-users mailing list
> firewalld-users@lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/firewalld-users