Thanks for this! Really do enjoy your videos.
I'm working on an Arch Installation for my home pc and this definitely cleared things up. I was going to initially use iptables but then I noticed a side-note in the arch-wiki that said it's more or less deprecated and that nftables is essentially the successor.
Firewalld seems to be the way to go to manage nftables and looks easy enough to install and configure.
Subbed to your channel!
The legend is back.
Like and sub right away. You talk about it from the beginning and you are super knowledgeable on the subject. You explained the missing pieces that I can't seem to find elsewhere, thank you
Great video!
Actually, ipchains came with kernel 2.2, not 2.4. It replaced ipfwadm which was used in kernel 2.0. Iptables came out on 2.4, and was meant to manipulate netfilter. ipchains didn't work with netfilter, but with another firewalling stack, packet filter, present in kernel 2.2. nftables also works with netfilter, but ipchains was really something else...
Great video, thanks. I bought your book.
Red Hat is advertising dbus/systemd integration of firewalld. That, together with the fact that Docker supports firewalld as about the only way not to ruin local firewall settings bought me in to look at firewalld.
However, I did not find any documentation about how firewalld integrates into systemd. The whole thing looks rather messy to me.
Okay, good information. I'll have to look into that.
Ciao!
Excellent video! What note pad are you using in this video??
It's Featherpad, which is the default notepad that comes with Lubuntu 20.04.
@beginlinuxguru7354 You are awesome! Thanks for telling me.✌🏻😁
Hi Donnie. Just discovered your channel and I like your way of explanation. Could you please make a dedicated video about nftables for beginners. I feel there are plenty of videos which do not explain either the concepts behind it or the commands only and I believe one video explaining all this in such a way that beginners can start using nftables right away for simple cases would be good idea.
Hi there! Sorry for the delay in answering. Anyway, now that I've finished writing my shell scripting book, I'll have more time for YouTube. So, I'll see what I can do about an nftables tutorial. Stay tuned!
I don't know what is wrong with my setup because I open ports, reload, and the ports are still blocked.
Did you include the --permanent switch?
Still coming back to this video
1st view from India 🇮🇳❤️
Firewall default config on Fedora 35: is it enough, or do I need to configure it?
Fedora uses firewalld, just as all Red Hat-type operating systems do. The default configuration is good for normal use, so the most you'll probably need to do with it is to open ports for any network services that you might need to add.
On my laptop I changed the zone associated to my home WiFi network to “home” and switched the default zone to “drop” - for any new untrusted and potentially dangerous WiFi network.
I haven’t touched my desktop’s configuration yet because I haven’t had the need to change anything.
On my home server/lab I switched to Fedora Server and enabled a few other services.
I’m running F36 Kinoite (Silverblue + KDE) on both my laptop and workstation, and F36 IoT (also with rpm-ostree) for the lab running on a Chuwi Hero.
The Fedora Firewalld docs are for the command line, UGH! It is for IT professionals in an enterprise situation. It is horrible for an average home desktop novice user. A home desktop firewall should have a basic screen and an advanced screen; the basic one should have an on/off switch and an EASY way to whitelist/un-whitelist an application.
Desktop versions of Linux normally come with a GUI-based frontend for the normal firewall manager. So, if you're a normal desktop user, you don't necessarily need to use the firewalld commands. On the other hand, the basic firewalld commands aren't that hard once you get used to them. I'll normally use them instead of the GUI thing, because for me it's just faster.
@beginlinuxguru7354 The GUI for firewalld is a nightmare to try to explain to new Linux users. I've gotten lots of people to switch from Windows and several to Fedora specifically and the firewalld GUI presents them with something designed for high level IT networking professionals. I know Fedora is upstream to Red Hat so this makes sense. But to a Linux newbie running Fedora on a home desktop, it is terrible for novices. I actually laugh out loud when I see that firewalld GUI referred to as simple or easy.
Firewalld + Docker integration please!
Well, I'd love to help. Unfortunately, I'm not yet enough of a Docker expert to help with that. Someday, perhaps. But not quite yet.
firewalld is a big mess, iptables logic looks a lot better
Wow.. so it's so much worse and more complicated than I thought... so much for "demystifying" it. lol.. This video might as well be in Spanish.. there are so many things I need to learn now, and this video does not make it clear about any of it. I guess I'll come back in a year and watch this again.. after I learn what all these things mean.
2nd from El Salvador
3rd view from Ukraine