A small, yet helpful, change is being planned for the future release of Fedora 32. The project plans to change the backend used by firewalld to use the kernel's nftables instead of the older iptables. Upstream, firewalld already uses nftables and Red Hat adopted nftables as the backend for Red Hat Enterprise Linux 8 earlier this year. How will this change benefit Fedora users? The change proposal explains this will simplify and isolate firewall rules: "Fewer firewall rules (rule consolidation). All of firewalld's primitives will use the same underlying firewall (nftables) instead of duplicating rules both in iptables and ip6tables. In nftables rules can match both IPv4 and IPv6 packets. This reduces the number of firewall rules by half. firewalld's rules are namespaced. With nftables firewalld's rules are isolated to a "firewalld" table. A separate firewall (or user) can create its own independent ruleset and firewalld will never touch it. Netfilter upstream is focusing on nftables, not iptables."
Star Labs - Laptops built for Linux.
View our range including the Star Lite, Star LabTop and more. Available with a choice of Ubuntu, Linux Mint or Zorin OS pre-installed with many more distributions supported. Visit Star Labs for information, to buy and get support.