firewalld is not working in CentOS 8: no rule at all is created in iptables
Just because you don't see any iptables rules doesn't mean firewalld is not working. Actually, firewalld switched to using nftables as its backend. So you can find your rules with, for example:
nft list ruleset
The rules you added for ssh and http would likely be in the chain filter_IN_public_allow:
chain filter_IN_public_allow {
    tcp dport ssh ct state new,untracked accept
    tcp dport http ct state new,untracked accept
}
You will probably also find empty iptables rules (but seen as nftables rules) in the output of nft list ruleset, because iptables is using the nftables compatibility kernel API:
# iptables -V
iptables v1.8.2 (nf_tables)
Useful link: Red Hat - Firewalld: The Future is nftables
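As an added example (not part of the original answer), the shell helpers below pull the rules of one chain out of `nft list ruleset` text and classify the `iptables -V` string, which is useful when auditing what firewalld actually allows. The function names and the sample ruleset are constructed for illustration; the chain names and version string follow the ones quoted above.

```shell
#!/bin/sh
# Added example: audit helpers for a host where firewalld uses the nftables backend.

# Print the rules of one named chain, reading `nft list ruleset` text on stdin.
# The chain name is matched exactly, so filter_IN_public does not match
# filter_IN_public_allow.
chain_rules() {
    awk -v want="$1" '
        $1 == "chain" && $2 == want && $3 == "{" { inside = 1; next }
        inside && $1 == "}" { inside = 0 }
        inside && NF { sub(/^[ \t]+/, ""); print }
    '
}

# Classify an `iptables -V` line: nf_tables (compatibility layer), legacy, or unknown.
iptables_backend() {
    case "$1" in
        *"(nf_tables)"*) echo nf_tables ;;
        *"(legacy)"*)    echo legacy ;;
        *)               echo unknown ;;
    esac
}

# Constructed sample ruleset: firewalld chains plus an empty iptables-compat table.
SAMPLE_RULESET='table inet firewalld {
	chain filter_IN_public {
		jump filter_IN_public_allow
	}
	chain filter_IN_public_allow {
		tcp dport ssh ct state new,untracked accept
		tcp dport http ct state new,untracked accept
	}
}
table ip filter {
	chain INPUT {
		type filter hook input priority 0; policy accept;
	}
}'

# Rules firewalld allows in the public zone, taken from the constructed sample.
sample_allowed() {
    printf '%s\n' "$SAMPLE_RULESET" | chain_rules filter_IN_public_allow
}

sample_allowed
iptables_backend "iptables v1.8.2 (nf_tables)"
```

On a live host, run `nft list ruleset | chain_rules filter_IN_public_allow` as root and pass the output of `iptables -V` to `iptables_backend`.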