firewalld 1.0: first major version of the popular firewall for Linux

Today we cover a component that is prominent across the RPM-based distributions but that we had not yet dedicated a post to: firewalld. Red Hat started firewalld development ten years ago to manage Linux firewall functionality on top of Netfilter. Despite being veteran software, its first major version has been a long time coming, as it did not appear until yesterday.

The first notable change in firewalld 1.0 is the removal of Python 2 support, which is logical given that this version of the popular programming language was discontinued at the beginning of 2020, so its use is inadvisable for security reasons. The minimum Python version required is now 3.6.

Other changes in firewalld 1.0: NAT rules have been moved to the inet family to reduce the rule set, the default target is now similar to reject, CleanupModulesOnExit defaults to no, intra-zone forwarding is enabled by default, ICMP blocks and block inversion apply only to inbound traffic, and the tftp-client service, the iptables backend and the direct interface have been removed.

What does all this mean for end users? firewalld 1.0 should behave more predictably with the standard configuration, reducing both the number of problems to deal with and the size of the rule set. In other words, it should be easier to use.
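To see which of the changes listed above touch an existing installation, the following added example (not part of the original article or of the firewalld project) scans a configuration tree laid out like /etc/firewalld. The function names and the sample files written by `demo()` are constructed for illustration.

```python
import re
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

def read_conf(path):
    """Parse key=value lines of firewalld.conf, ignoring comments and blanks."""
    conf = {}
    if path.is_file():
        for line in path.read_text().splitlines():
            m = re.match(r"\s*([A-Za-z0-9_]+)\s*=\s*(\S+)", line)
            if m:
                conf[m.group(1)] = m.group(2)
    return conf

def audit(conf_dir):
    """Return findings for settings affected by the firewalld 1.0 changes."""
    root = Path(conf_dir)
    findings = []
    conf = read_conf(root / "firewalld.conf")
    if conf.get("FirewallBackend", "").lower() == "iptables":
        findings.append("firewalld.conf: FirewallBackend=iptables")
    if "CleanupModulesOnExit" not in conf:
        findings.append("firewalld.conf: CleanupModulesOnExit unset, default is now no")
    direct = root / "direct.xml"
    if direct.is_file() and len(ET.parse(direct).getroot()):
        findings.append("direct.xml: direct interface rules present")
    for xml_file in sorted(root.glob("zones/*.xml")):
        for svc in ET.parse(xml_file).getroot().iter("service"):
            if svc.get("name") == "tftp-client":
                findings.append(f"zones/{xml_file.name}: uses tftp-client service")
    return findings

def demo():
    """Run the audit over a constructed sample configuration tree."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "zones").mkdir()
        (root / "firewalld.conf").write_text(
            "# constructed sample\nDefaultZone=public\nFirewallBackend=iptables\n")
        (root / "direct.xml").write_text(
            '<direct><rule ipv="ipv4" table="filter" chain="INPUT" priority="0">'
            "-p tcp --dport 8080 -j ACCEPT</rule></direct>")
        (root / "zones" / "public.xml").write_text(
            '<zone><service name="ssh"/><service name="tftp-client"/></zone>')
        return audit(root)

if __name__ == "__main__":
    print("\n".join(demo()))
```

On a real host, call `audit("/etc/firewalld")` before upgrading and review each finding against the release notes.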

firewall-config, graphical interface for firewalld, on Fedora 34 Workstation

firewalld is prominent across the RPM-based distributions and is used, not necessarily in its latest version, by CentOS 7 or later, RHEL 7 or later, Fedora 18 or later, openSUSE Leap 15 or later and SUSE Linux Enterprise 15 or later, without ruling out other distributions. Fedora 35 looks like the main candidate to ship version 1.0 preinstalled.

firewalld, which is free software under the GPLv2 license, has two graphical interfaces: firewall-config, a graphical frontend for its configuration, and firewall-applet, a small status indicator that provides log notifications of firewall events as well as a quick way to open firewall-config. firewall-applet was ported to Qt a few years ago because the system tray was discontinued in GNOME 3.

All the details of firewalld 1.0 can be found in the official announcement and the release notes on GitHub. Those interested in learning how to use this firewall can take a look at two posts published on the Red Hat website, one a beginner's guide and the other an introduction to the rules and scenarios.

