firewalld and iptables

All of lore.kernel.org
 help / color / mirror / Atom feed

* firewalld and iptables
@ 2014-07-31 13:37 Paul Greenberg
  2014-07-31 13:54 ` Dennis Jacobfeuerborn
  0 siblings, 1 reply; 4+ messages in thread
From: Paul Greenberg @ 2014-07-31 13:37 UTC (permalink / raw)
  To: netfilter@vger.kernel.org

Hi,

I installed CentOS 7 a few days ago. It seems that iptables commands are still working.  For example, I can still execute:
$ iptables-restore iptables.rules
However, I am unable to permanently store the rules. 

CentOS has a new deamon, called firewalld, with firewalld.conf file. Does any one know how how to force the rules in iptables-save to be permanently saved by firewalld daemon?

Regards,
Paul

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: firewalld and iptables
  2014-07-31 13:37 firewalld and iptables Paul Greenberg
@ 2014-07-31 13:54 ` Dennis Jacobfeuerborn
  2014-07-31 14:12   ` Paul Greenberg
  0 siblings, 1 reply; 4+ messages in thread
From: Dennis Jacobfeuerborn @ 2014-07-31 13:54 UTC (permalink / raw)
  To: Paul Greenberg, netfilter@vger.kernel.org

On 31.07.2014 15:37, Paul Greenberg wrote:
> Hi,
> 
> I installed CentOS 7 a few days ago. It seems that iptables commands are still working.  For example, I can still execute:
> $ iptables-restore iptables.rules
> However, I am unable to permanently store the rules. 
> 
> CentOS has a new deamon, called firewalld, with firewalld.conf file. Does any one know how how to force the rules in iptables-save to be permanently saved by firewalld daemon?

You cannot use manual iptables and firewalld together. If you want to
use naked iptables you have to disable the firewalld service completely
and probably install the iptables-service package.

Regards,
  Dennis


^ permalink raw reply	[flat|nested] 4+ messages in thread

* RE: firewalld and iptables
  2014-07-31 13:54 ` Dennis Jacobfeuerborn
@ 2014-07-31 14:12   ` Paul Greenberg
  2014-07-31 14:14     ` Noel Kuntze
  0 siblings, 1 reply; 4+ messages in thread
From: Paul Greenberg @ 2014-07-31 14:12 UTC (permalink / raw)
  To: netfilter@vger.kernel.org

Thank you Denis.

In case someone needs this:
  systemctl status iptables
  systemctl stop firewalld
  yum -y install iptables-services
  systemctl enable iptables
  systemctl start iptables

________________________________________
From: netfilter-owner@vger.kernel.org <netfilter-owner@vger.kernel.org> on behalf of Dennis Jacobfeuerborn <dennisml@conversis.de>
Sent: Thursday, July 31, 2014 9:54 AM
To: Paul Greenberg; netfilter@vger.kernel.org
Subject: Re: firewalld and iptables

On 31.07.2014 15:37, Paul Greenberg wrote:
> Hi,
>
> I installed CentOS 7 a few days ago. It seems that iptables commands are still working.  For example, I can still execute:
> $ iptables-restore iptables.rules
> However, I am unable to permanently store the rules.
>
> CentOS has a new deamon, called firewalld, with firewalld.conf file. Does any one know how how to force the rules in iptables-save to be permanently saved by firewalld daemon?

You cannot use manual iptables and firewalld together. If you want to
use naked iptables you have to disable the firewalld service completely
and probably install the iptables-service package.

Regards,
  Dennis

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: firewalld and iptables
  2014-07-31 14:12   ` Paul Greenberg
@ 2014-07-31 14:14     ` Noel Kuntze
  0 siblings, 0 replies; 4+ messages in thread
From: Noel Kuntze @ 2014-07-31 14:14 UTC (permalink / raw)
  To: Paul Greenberg, netfilter@vger.kernel.org


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,

You should also disable firewalld:
systemctl disable firewalld

Regards,
Noel Kuntze

GPG Key id: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
Am 31.07.2014 um 16:12 schrieb Paul Greenberg:
> Thank you Denis.
>
> In case someone needs this:
>   systemctl status iptables
>   systemctl stop firewalld
>   yum -y install iptables-services
>   systemctl enable iptables
>   systemctl start iptables
>
> ________________________________________
> From: netfilter-owner@vger.kernel.org <netfilter-owner@vger.kernel.org> on behalf of Dennis Jacobfeuerborn <dennisml@conversis.de>
> Sent: Thursday, July 31, 2014 9:54 AM
> To: Paul Greenberg; netfilter@vger.kernel.org
> Subject: Re: firewalld and iptables
>
> On 31.07.2014 15:37, Paul Greenberg wrote:
>> Hi,
>>
>> I installed CentOS 7 a few days ago. It seems that iptables commands are still working.  For example, I can still execute:
>> $ iptables-restore iptables.rules
>> However, I am unable to permanently store the rules.
>>
>> CentOS has a new deamon, called firewalld, with firewalld.conf file. Does any one know how how to force the rules in iptables-save to be permanently saved by firewalld daemon?
>
> You cannot use manual iptables and firewalld together. If you want to
> use naked iptables you have to disable the firewalld service completely
> and probably install the iptables-service package.
>
> Regards,
>   Dennis
>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJT2k84AAoJEDg5KY9j7GZYEkUP/1uCPbY/Ax9IPJNxrqb6cjwi
LQVWdibPqO1sG6rgqpBJCggBNd05et54XgV0RTq0ZB2ToZOkm1uebrKXzyQA8Am4
f9G+lK0GOG0QuzaAQiTy2+M00Ihh8Rg3RWd7qzEGepZrx4TCQFHAtJnZ8lHrmil0
HJARcwjlYChdAk+qnIHnPsUZ+i94kyhM3Q2Okhz4T+sRlRdKtM7KV/UCpvDRmNcE
VbpD4Zmh3bgt0a48goslA4bwHdogiHzZgUaEPQws4yBGxOUAhlhWlGQb8yvONG9A
aLzxSJ565m2NpUlEsObVDI5Qr5Umk6O80v1FPpo7RSPZYPY4DHj2gzuJmYH8RsG/
L9AJDlZyj+T2f3rTW9vd4Kp3mTrzWDrsg0ZgXy59Ow1TLaibIFrH+MwqTYBKbN2b
hyt3F7qd71wW+I+UPphSnlfrEo1vD2nY4o0k4/WvPpFXzqUlxMdvqI2kdOyoN2LM
NvzBqvbb3LwTnZRCc0FBqslDKkVsxosC012TZVp2IKaKcT2KisfIfIkZ7MGT7xD5
Q2Wfz7xbmbQXf9ZURyfBmGV9O4SxZWHZBU/4GBBYdiop1yjBOG0u8gtShmm8Nwf7
PdMAqq0r4P9rHslGypqdttm5Cx2nZiXfkqKB3vlJ6FQBSw4G84dfsiN/ygdOPp1D
ZT7sNQJYqLIfE3oqobQN
=OnEs
-----END PGP SIGNATURE-----


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2014-07-31 14:14 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-07-31 13:37 firewalld and iptables Paul Greenberg
2014-07-31 13:54 ` Dennis Jacobfeuerborn
2014-07-31 14:12   ` Paul Greenberg
2014-07-31 14:14     ` Noel Kuntze

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.