Differences between firewalld and iptables
Comparison of Firewalld to system-config-firewall and iptables
The essential differences between firewalld and the iptables service are:
- The iptables service stores configuration in /etc/sysconfig/iptables while firewalld stores it in various XML files in /usr/lib/firewalld/ and /etc/firewalld/. Note that /etc/sysconfig/iptables does not exist, as firewalld is installed by default on Fedora.
- With the iptables service, every single change means flushing all the old rules and reading all the new rules from /etc/sysconfig/iptables, while with firewalld there is no re-creating of all the rules; only the differences are applied. Consequently, firewalld can change the settings during run time without existing connections being lost.
Both use the iptables tool to talk to the kernel packet filter.
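The two update models described above, as an added example that is not code from firewalld or from the original page: it parses two constructed zone files in firewalld's zone XML format and compares how many entries a flush-and-reload touches with how many a differences-only update touches. The sample zones and the function names are assumptions, and the set difference is a simplified model of the idea, not firewalld's implementation.

```python
import xml.etree.ElementTree as ET

# Constructed sample zone definitions (firewalld zone XML format), not from a real host.
ZONE_BEFORE = """<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>Public</short>
  <service name="ssh"/>
  <service name="dhcpv6-client"/>
</zone>"""

ZONE_AFTER = """<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>Public</short>
  <service name="ssh"/>
  <service name="https"/>
  <port protocol="tcp" port="8443"/>
</zone>"""


def zone_rules(xml_text):
    """Return the set of allow entries (services and ports) in one zone file."""
    root = ET.fromstring(xml_text)
    rules = {("service", s.get("name")) for s in root.findall("service")}
    rules |= {("port", f"{p.get('port')}/{p.get('protocol')}")
              for p in root.findall("port")}
    return rules


def delta(old_xml, new_xml):
    """Differences-only model: return (to_add, to_remove, untouched)."""
    old, new = zone_rules(old_xml), zone_rules(new_xml)
    return sorted(new - old), sorted(old - new), sorted(old & new)


def flush_and_reload(old_xml, new_xml):
    """Flush model: every old entry is dropped and every new entry is loaded."""
    return sorted(zone_rules(new_xml)), sorted(zone_rules(old_xml))


if __name__ == "__main__":
    added, removed, kept = delta(ZONE_BEFORE, ZONE_AFTER)
    print("add:", added)
    print("remove:", removed)
    print("untouched (existing sessions unaffected):", kept)
    loaded, flushed = flush_and_reload(ZONE_BEFORE, ZONE_AFTER)
    print("flush/reload touches", len(loaded) + len(flushed),
          "entries; delta touches", len(added) + len(removed))
```

In this model the ssh entry is never removed, which is why an established SSH session survives the change under the differences-only approach.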