CentOS7 firewall?

stacksofplates

@anonymous said:

@JaredBusch I see. But why would you decrease security out of the box? That seems strange to do....

The firewall is still there (iptables) they just removed the management interface for some reason.

coliver

@johnhooks said:

@anonymous said:

@JaredBusch I see. But why would you decrease security out of the box? That seems strange to do....

The firewall is still there (iptables) they just removed the management interface for some reason.

I thought CentOS 7 used Firewalld and not IPTables?

Alex Sage

@coliver said:

@johnhooks said:

@anonymous said:

@JaredBusch I see. But why would you decrease security out of the box? That seems strange to do....

The firewall is still there (iptables) they just removed the management interface for some reason.

I thought CentOS 7 used Firewalld and not IPTables?

I did too....

stacksofplates

@coliver said:

@johnhooks said:

@anonymous said:

@JaredBusch I see. But why would you decrease security out of the box? That seems strange to do....

The firewall is still there (iptables) they just removed the management interface for some reason.

I thought CentOS 7 used Firewalld and not IPTables?

From what I've understood firewalld uses iptables, just makes it easier to manage. Kind of like ufw on Ubuntu.

coliver

@johnhooks said:

@coliver said:

@johnhooks said:

@anonymous said:

@JaredBusch I see. But why would you decrease security out of the box? That seems strange to do....

The firewall is still there (iptables) they just removed the management interface for some reason.

I thought CentOS 7 used Firewalld and not IPTables?

From what I've understood firewalld uses iptables, just makes it easier to manage. Kind of like ufw on Ubuntu.

It seems like they are two different applications but there isn't much info about it on the Fedora wiki.

https://fedoraproject.org/wiki/FirewallD?rd=FirewallD/#Dynamic_firewall_with_FirewallD

scottalanmiller

@anonymous said:

I thought CentOS7 was using firewalld, not iptables?

I've been out getting groceries but... firewalld uses iptables, doesn't replace it. Whenever I see firewalld, iptables is still there.

Alex Sage

@scottalanmiller But it is no firewall is running by default

scottalanmiller

@anonymous said:

@JaredBusch Do you know of anyway to compare the two installs to see what packages are different? It would be interesting to know.

rpm -ql >> list

On each box. The do a diff on the two lists.

scottalanmiller

@anonymous said:

@scottalanmiller But it is no firewall is running by default

Ah, it is installed but not running.

Alex Sage

@scottalanmiller Right, so basically your whole box is exposed right?

scottalanmiller

@coliver said:

@johnhooks said:

@coliver said:

@johnhooks said:

@anonymous said:

@JaredBusch I see. But why would you decrease security out of the box? That seems strange to do....

The firewall is still there (iptables) they just removed the management interface for some reason.

I thought CentOS 7 used Firewalld and not IPTables?

From what I've understood firewalld uses iptables, just makes it easier to manage. Kind of like ufw on Ubuntu.

It seems like they are two different applications but there isn't much info about it on the Fedora wiki.

https://fedoraproject.org/wiki/FirewallD?rd=FirewallD/#Dynamic_firewall_with_FirewallD

http://www.firewalld.org/

If you look at the project itself, they self describe as a management tool, not as a firewall.

JaredBusch

@scottalanmiller said:

@anonymous said:

@scottalanmiller But it is no firewall is running by default

Ah, it is installed but not running.

no, it is not installed at all see my above screen shot..

coliver

@scottalanmiller said:

@coliver said:

@johnhooks said:

@coliver said:

@johnhooks said:

@anonymous said:

@JaredBusch I see. But why would you decrease security out of the box? That seems strange to do....

The firewall is still there (iptables) they just removed the management interface for some reason.

I thought CentOS 7 used Firewalld and not IPTables?

From what I've understood firewalld uses iptables, just makes it easier to manage. Kind of like ufw on Ubuntu.

It seems like they are two different applications but there isn't much info about it on the Fedora wiki.

https://fedoraproject.org/wiki/FirewallD?rd=FirewallD/#Dynamic_firewall_with_FirewallD

http://www.firewalld.org/

If you look at the project itself, they self describe as a management tool, not as a firewall.

That's what I was looking for. Thanks.

Ok right from their main page - apparently my Google Fu isn't very good today:

Support for iptables, ip6tables, ebtables firewall backends

Alex Sage

@JaredBusch said:

no, it is not installed at all see my above screen shot..

He is talking about iptables...

JaredBusch

And it is there in the minimal from DVD ISO.. So that is bad on CentOS for not having minimal be the same.

https://i.imgur.com/WjxQaYT.jpg

Alex Sage

@JaredBusch Can you see what else is missing?

Alex Sage

Need to know if I need to rebuild all my servers

Alex Sage

So I guess the lesson I learned is always use the full DVD???

scottalanmiller

@JaredBusch said:

@scottalanmiller said:

@anonymous said:

@scottalanmiller But it is no firewall is running by default

Ah, it is installed but not running.

no, it is not installed at all see my above screen shot..

The firewall (iptables) is installed according to @anonymous screen shot. And on a new build from an hour ago that I am testing. But firewalld (the management tool) is not. But iptables won't start, which is the bigger problem. It looks like no scripts for starting it are installed.

MattSpeller

@anonymous said:

So I guess the lesson I learned is always use the full DVD???

Or at least be really sure of whats on each version