[ale] Firewalld is incomplete

Alex Carver agcarver+ale at acarver.net
Sun Jan 27 12:18:28 EST 2019


Perhaps but it seems like overkill to have a Python script (at the
moment I'm overlooking the imposed need to run an interpreter on your
firewall) managing iptables when, according to the documentation, any
rule that isn't a very simple one has to use what firewalld calls "rich
rules" which look exactly like a more verbose version of an iptables
command.  It seems if you're going to have to issue a command that looks
just like an iptables command then why not cut the middleman and run
iptables?  It already shows in the flow chart that it's just a wrapper
to iptables anyway (no direct access to the kernel).

On 2019-01-27 09:07, DJ-Pfulio via Ale wrote:
> firewalld is just another interface into the Linux kernel firewall, just
> like iptables or ufw.
> 
> New things take time to mature.  It will get there, but that takes time.

