Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sap_*_preconfigure: handle for nftables #900

Open
sean-freeman opened this issue Nov 28, 2024 · 0 comments
Open

sap_*_preconfigure: handle for nftables #900

sean-freeman opened this issue Nov 28, 2024 · 0 comments

Comments

@sean-freeman
Copy link
Member

sean-freeman commented Nov 28, 2024

All Ansible Roles should also provide some handling in case an end-user has enabled nftables to replace firewalld (or iptables before it).

"RHEL 7, firewalld is the default firewall solution"
"RHEL 8 and RHEL 9 introduced nftables as the default framework for packet filtering"

"Follow the below step to switch from firewalld to nftables in RHEL 7, RHEL 8 and RHEL 9:"
"Note: Make sure that only one firewall service runs on a RHEL host and disable the other services to prevent the different firewall services from influencing each other."

"To prevent the different firewall-related services (firewalld, nftables, or iptables) from influencing each other, run only one of them on a RHEL host, and disable the other services."

Sources:

Reference to:
#6 #21 #168 #176 #506

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant