LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   best way to configure a firewall on RHEL7 (https://www.linuxquestions.org/questions/linux-newbie-8/best-way-to-configure-a-firewall-on-rhel7-4175593562/)

sigint-ninja 11-15-2016 12:36 AM
best way to configure a firewall on RHEL7
 
hi guys,

read this:

The RHCSA objective does not define which tool you should use to create firewall rules. It just mentions that you should be able to create firewall rules by using iptables, firewall-config, or firewall-cmd. So, you do not have to be able to work with each of these tools; you just have to be able to configure a firewall with the tool that works best for you.

what would you recommend and why?
iptables
firewall-config
firewall-cmd

thanks

tshikose 11-15-2016 05:37 AM
Hi,

My recommendation is firewall-cmd.
iptables is still good, but it is the past.

TB0ne 11-16-2016 07:41 AM
Quote:
Originally Posted by sigint-ninja (Post 5630702)
hi guys,
read this:

The RHCSA objective does not define which tool you should use to create firewall rules. It just mentions that you should be able to create firewall rules by using iptables, firewall-config, or firewall-cmd. So, you do not have to be able to work with each of these tools; you just have to be able to configure a firewall with the tool that works best for you.

what would you recommend and why?
iptables
firewall-config
firewall-cmd
I wouldn't recommend any of them...because it's YOU taking the exam. Since you have the flexibility to choose one, the best and most obvious answer is for you to read about/try/study all three, and figure out which one you can use best. If all three do the same things, and your objective is to pass an exam, then whichever you find you can work with easiest, use.

sigint-ninja 11-28-2016 04:54 PM
so tbone,

it doesnt really matter? they all accomplish the same thing
but isnt there pros and cons to doing thins differently?
the previous poster said iptables is in the past...do you agree?

AwesomeMachine 11-28-2016 08:14 PM
I believe all three options use iptables. The other two simply parse iptables rules. Once I started using iptables directly it was so much easier to lock down a network exactly the way I wanted that I just kept using it.

John VV 11-28-2016 10:17 PM
use bash

TB0ne 11-29-2016 07:16 AM
Quote:
Originally Posted by sigint-ninja (Post 5635581)
so tbone,
it doesnt really matter? they all accomplish the same thing but isnt there pros and cons to doing thins differently? the previous poster said iptables is in the past...do you agree?
You either didn't read what I posted, or missed the point.

To break it down:
  • YOU are wanting to take a 'certification' exam.
  • YOU have the choice of tools to use to accomplish a task
  • YOU are going to have to decide what is easiest for YOU to use
  • And the only way to determine what is better for YOU is for YOU to actually use both tools
There is no 'right' answer for anyone to give you...this is like asking someone, "Is the CLI easier than the GUI to use?" Depends on the user, and what THEY are comfortable with.

sigint-ninja 12-04-2016 04:45 PM
ok with you TBONE thanks...understand now.

lazydog 12-05-2016 12:26 PM
Quote:
Originally Posted by sigint-ninja (Post 5635581)
the previous poster said iptables is in the past...do you agree?
Just because someone say something doesn't make it true. But here are some true statements for you.

Redhat does everything to try and stand out even to the point of trying to make the way they do things the standard.

Since you are taking the test you need to decide what works best for you and what you can use to complete the task at hand in a timely matter as in the end that is what counts, complete each task correctly in a timely matter.


All times are GMT -5. The time now is 04:41 AM.