How do I disable firewalld and use nftables instead ?
step-1: “disable firewalld service” this is
systemctl disable firewalld
systemctl mask firewalld
step-2: “enable nftables service” - have a trouble:
# systemctl start nftables
Failed to start nftables.service: Unit nftables.service not found.
# rpm -qa | grep -i nft
libnftnl11-1.1.9-1.1.x86_64
nftables-0.9.8-1.7.x86_64
libnftables1-0.9.8-1.7.x86_64
python3-nftables-0.9.8-1.7.x86_64
tnftp-20151004-bp153.1.16.x86_64
Please, help me.
Serg
The first thing you should know is that firewalld is just a user-space frontend that interacts with nftables via nft. It operates by taking instructions, then turning them into nftables rules as required. More detail here:
https://firewalld.org/2018/07/nftables-backend
I don’t see any advantage in removing it as an administrative user interface.
FWIW, there is a wrapper ‘nftables-service’ package available that can be installed (which will provide a systemd service unit)…https://software.opensuse.org/package/nftables-service?search_term=nftables-service
deano_ferrari:
The first thing you should know is that firewalld is just a user-space frontend that interacts with nftables via nft. It operates by taking instructions, then turning them into nftables rules as required. More detail here:
nftables backend | firewalld
I don’t see any advantage in removing it as an administrative user interface.
FWIW, there is a wrapper ‘nftables-service’ package available that can be installed (which will provide a systemd service unit)…openSUSE Software
About “I don’t see any advantage in removing it as an administrative user interface.”
thanks for the link to nftables.service
Serg