how to use firewalld in stateful mode

firewall centos firewalld centos8

Solution 1:

thanks to setenforce 1 and his excellent answer here.

Firewalld configures iptables or nftables, and the resulting configuration is stateful (based on connstate status: established, related, untrack, invalid, new).

You can check the actual configuration with iptables -L -n -v and nft list ruleset.

You can choose which backend you want to use in /etc/firewalld/firewalld.conf with the option FirewallBackend. If you want Firewalld to use iptables, you have to set: FirewallBackend=iptables

If you want to disable Firewalld to use you standard iptables configurations, you can use:

systemctl disable firewalld --now
systemctl mask firewalld

hope it helps for others.

Related

Hosting 2 webserver machines with iis10
How to list all OpenSSH supported authentication methods?
How to configure a second IP address (to bind it to a VBoxHeadless virtual machine then)?
One user for all databases or different user for different databases?
What's the most accurate term for phrases such as "storm in a teacup" and "making mountains out of molehills"?
What does the grave accent mark on words mean?
What are the differences between "manual", "guide" and "instruction"?
What are wrong with this phrase?
"Please note" vs. "please notice" [closed]
Describing a group of people who lie down in a public place to send a political message
Is there an English equivalent of the Hindi saying “sau chuhe maar billi haj ko chali”? (After killing/eating 100 mice, the cat goes on a pilgrimage)
"currently not" or "not currently"