Date: Wed, 19 Aug 2015 19:07:11 -0400
From: mattdm(a)fedoraproject.org
To: firewalld-users(a)lists.fedorahosted.org
Subject: Re: what are the advantages of firewalld over iptables?
On Wed, Aug 19, 2015 at 11:54:54AM -0400, Patrick Hinkley wrote:
> this is probably a silly question, but I haven't been able to find a
> very good comparison outlining the advantages of firewalld over
> iptables -- what are they?
There are two big ones:
- higher-level API programs can use
- keeping track of state
The classic example for the last one is that with firewalld, you can
restart iptables without breaking all of your virtual machines.
Do I understand correctly that the state issue (failure to maintain established
connections) is only relevant when restarting iptables (service iptables restart), not
when e.g. adding/deleting a rule (iptables -A / iptables -D) or restoring
(iptables-restore < /etc/sysconfig/iptables)?
--
Matthew Miller
<mattdm(a)fedoraproject.org>
Fedora Project Leader
_______________________________________________
firewalld-users mailing list
firewalld-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/firewalld-users