[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalld-users
Subject:    Re: what are the advantages of firewalld over iptables?
From:       Thomas Woerner <twoerner () redhat ! com>
Date:       2015-08-24 13:50:23
Message-ID: 55DB211F.6040203 () redhat ! com
[Download RAW message or body]



On 08/21/2015 08:50 PM, Patrick Hinkley wrote:
> I believe I've found an explanation regarding the VM issue you mention:
> http://www.atrixnet.com/red-hat-libvirt-kvm-iptables-what-to-do-when-your-kvm-network-stops-working/
>
> If I understand correctly, the issue is that temporary rules inserted 
> into iptables by other applications are lost when any of the following 
> are called:
> service iptables stop; service iptables start;
> service iptables restart;
> iptables-restore < /etc/sysconfig/iptables;
>
> This issue would not apply when inserting your own temporary rules by 
> such as:
> iptables -A
>
Yes, that is correct.

> The issue would also not apply when making your temporary rules 
> permanent via:
> service iptables save
>
> Is my understanding correct?
>
With service iptables save you are also saving rules of the other 
services, that could collide with new rules if the  configuration of the 
service changed and other rules need to be added instead.
_______________________________________________
firewalld-users mailing list
firewalld-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/firewalld-users

[prev in list] [next in list] [prev in thread] [next in thread]