  • Firewalld 1.0 Firewall Management Tool is Here with Big Improvements

    aum


     

    Ten years after its first release, Firewalld reached version 1.0. The biggest change is removing Python 2 support.

     

    Firewalld is a front-end controller for iptables and nftables used to implement persistent network traffic rules. It provides command line and graphical interfaces and is available in the repositories of most Linux distributions. The name Firewalld adheres to the Unix convention of naming system daemons by appending the letter “d”.

     

    Firewalld is easier to manage and configure than iptables, and it offers a very flexible way to handle firewall management. There are no long series of chains, jumps, accepts and denies that you need to memorize to get Firewalld up and running. It manages rulesets dynamically, allowing updates without breaking existing sessions and connections. Changes can be made immediately in the runtime environment; no restart of the service or daemon is needed.

     

    The firewalld service uses zones to control firewall access. Zones are preconstructed rule sets for various trust levels. You likely have a zone for a given location or scenario, such as home, public, or trusted. Different zones enable different network services and incoming traffic types while denying everything else.

     

    Firewalld 1.0 is a major version bump. It includes breaking and behavioral changes.

     

    What’s new in Firewalld 1.0

     

    Above all, the most notable changes in this release are the dropping of Python 2 support and intra-zone forwarding being enabled by default. It is important to note that from now on the default target is similar to reject.

     

    Firewalld 1.0 is also a feature release. It includes all bug fixes since v0.9.0.

     

    Highlights include:

     

    • Reduced dependencies
    • Intra-zone forwarding by default
    • NAT rules moved to inet family
    • Default target is now similar to reject
    • ICMP blocks and block inversion only apply to input, not forward
    • tftp-client service has been removed
    • iptables backend is deprecated
    • Direct interface is deprecated
    • CleanupModulesOnExit defaults to no

     

    For more information about all changes in Firewalld 1.0, you can refer to the official announcement.
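
The highlights above can be turned into a pre-upgrade check. The following is an added example, not code from the article or from the Firewalld project: it scans configuration text for the iptables backend, an unset CleanupModulesOnExit, the removed tftp-client service and use of the direct interface. The firewalld.conf key names, the zone and direct XML layout, and all sample inputs are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample inputs (not taken from a real host).
SAMPLE_CONF = """\
# firewalld config file
DefaultZone=public
FirewallBackend=iptables
"""
SAMPLE_ZONE = """<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>Public</short>
  <service name="ssh"/>
  <service name="tftp-client"/>
</zone>
"""
SAMPLE_DIRECT = """<?xml version="1.0" encoding="utf-8"?>
<direct>
  <rule ipv="ipv4" table="filter" chain="INPUT" priority="0">-p tcp --dport 22 -j ACCEPT</rule>
</direct>
"""

def parse_conf(text):
    """Parse key=value lines of firewalld.conf, skipping comments and blanks."""
    pairs = (l.split("=", 1) for l in text.splitlines()
             if "=" in l and not l.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def audit(conf_text, zone_xml, direct_xml):
    """Return findings that map to the 1.0 highlights listed above."""
    findings = []
    conf = parse_conf(conf_text)
    if conf.get("FirewallBackend", "").lower() == "iptables":
        findings.append("iptables backend is selected (deprecated)")
    if "CleanupModulesOnExit" not in conf:
        findings.append("CleanupModulesOnExit not set; the 1.0 default 'no' applies")
    zone = ET.fromstring(zone_xml)
    if any(s.get("name") == "tftp-client" for s in zone.iter("service")):
        findings.append("zone references removed service tftp-client")
    direct = ET.fromstring(direct_xml)
    used = [e.tag for e in direct if e.tag in ("chain", "rule", "passthrough")]
    if used:
        findings.append(f"direct interface in use ({len(used)} entries, deprecated)")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, SAMPLE_ZONE, SAMPLE_DIRECT):
        print("-", finding)
```

On a real host the three inputs would be read from firewalld.conf, each zone file and direct.xml under /etc/firewalld before upgrading.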

     

    Source

