Ask Your Question

The role of firewalld

asked 2014-02-26 08:13:04 -0500

firefexx gravatar image

updated 2014-02-26 11:17:18 -0500

Fedora comes with firewalld by now, the dynamic firewall daemon from RedHat. I thought it is intended to replace iptables.

Then, I read about nftables, which is obviously intended to replace iptables, too. And this technique is going to be included in the kernel by default.

So, I'm wondering what plans RedHat and Fedora have concerning firewalld and nftables. Are they competing techniques? Or will they collaborate in some way?

edit retag flag offensive close merge delete


What commands are used in the firewall enable/disable and what versions are utilizing it?

Sorry about the Q on Q but this might answer my software installation woes in another post.

Mercm gravatar imageMercm ( 2014-02-26 11:10:09 -0500 )edit

I don't understand your question...

firefexx gravatar imagefirefexx ( 2014-02-26 11:17:48 -0500 )edit

If there is a firewall controlling the iptables and nftables, How would we eneble/disable. Under the assumption that there actually is a firewall distributed in Fedora bu Red Hat.

Mercm gravatar imageMercm ( 2014-02-26 11:34:09 -0500 )edit

nftables isn't included yet. If you have a recent installation, firewalld should be the preconfigured firewall solution. You can configure it via the firewall-config GUI or see for cli instructions.

firefexx gravatar imagefirefexx ( 2014-02-26 11:55:23 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted

answered 2014-02-26 12:04:29 -0500

mether gravatar image

Firewalld is the default firewall frontend for Fedora and there are no plans to change that. If you prefer to use iptables, you can do so now and in the near future, you can use nftables as well. Multiple frontends to the functionality in the kernel is possible and just serve different needs. The introduction of nftables doesn't affect firewalld in any major way.

edit flag offensive delete link more


firewalld is only the frontend? What is the current backend? And is iptables/nftables rather a frontend or a backend?

firefexx gravatar imagefirefexx ( 2014-02-26 12:11:23 -0500 )edit

The backend is the kernel subsystem called netfilter

mether gravatar imagemether ( 2014-02-27 20:15:51 -0500 )edit

ok, thank you.

firefexx gravatar imagefirefexx ( 2014-02-28 04:56:32 -0500 )edit

Question Tools

1 follower


Asked: 2014-02-26 08:13:04 -0500

Seen: 1,504 times

Last updated: Feb 26 '14