I've got a server running CentOS 6. It uses iptables. I want to migrate to CentOS 7. CentOS 7 uses firewalld.
My aim is to download the iptables configuration (rules) and apply it to firewalld.
I can download iptables rules like this:
iptables-save
I don't know how to apply iptables-save's output to firewalld. I hope there is an automated way.
Question: How can I apply current iptables rules to firewalld? I don't like to configure manually because there might be many servers with big iptables rules/configs.
Best Answer
A good place to start is the RHEL 6 --> 7 migration planning guide but in short:
system-config-firewall, you can use the firewall-offline-cmd tool to migrate the configuration from /etc/sysconfig/system-config-firewall into the default zone of firewalld.
If you used any other method to configure your current firewall there is, as far as I know, no practical migration to firewalld and your options are:
iptables-save export and load it with iptables-restore. See https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-using_iptables
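When the iptables-save export is carried to many new hosts and loaded with iptables-restore, it helps to confirm that each new host really ended up with the same ruleset. The following is an added example, not part of the answer above: it parses two iptables-save dumps, ignores timestamps and packet counters, and reports policy or rule differences. The function names and both sample dumps are constructed for illustration.

```python
import re
# Counters: "[pkts:bytes]" after chain policies, or before rules saved with -c.
COUNTERS = re.compile(r"^\[\d+:\d+\]\s*|\s*\[\d+:\d+\]$")
# Constructed sample of iptables-save output on the old host (not from the page).
OLD_DUMP = """\
# Generated by iptables-save v1.4.7 on Mon Jan  1 10:00:00 2018
*filter
:INPUT DROP [120:9600]
:OUTPUT ACCEPT [300:45000]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
"""
# Constructed faulty restore: counters reset, INPUT policy opened, 443 rule lost.
NEW_DUMP = (OLD_DUMP.replace("[300:45000]", "[0:0]")
            .replace(":INPUT DROP [120:9600]", ":INPUT ACCEPT [0:0]")
            .replace("-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT\n", ""))

def parse(dump):
    """Return {table: {"policies": {chain: policy}, "rules": [rule, ...]}}."""
    tables, cur = {}, None
    for raw in dump.splitlines():
        line = COUNTERS.sub("", raw.strip())
        if not line or line.startswith("#") or line == "COMMIT":
            continue  # comments carry timestamps; COMMIT only ends a table
        if line.startswith("*"):
            cur = tables.setdefault(line[1:], {"policies": {}, "rules": []})
        elif cur is None:
            raise ValueError("line outside a table: " + raw)
        elif line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            cur["policies"][chain] = policy
        else:
            cur["rules"].append(line)
    return tables

def compare(old, new):
    """List policy changes and rules missing from or added to the new host."""
    empty, out = {"policies": {}, "rules": []}, []
    for t in sorted(set(old) | set(new)):
        o, n = old.get(t, empty), new.get(t, empty)
        for c in sorted(set(o["policies"]) | set(n["policies"])):
            if o["policies"].get(c) != n["policies"].get(c):
                out.append(f"{t}: chain {c} policy {o['policies'].get(c)} -> {n['policies'].get(c)}")
        out += [f"{t}: missing rule: {r}" for r in o["rules"] if r not in n["rules"]]
        out += [f"{t}: unexpected rule: {r}" for r in n["rules"] if r not in o["rules"]]
        if sorted(o["rules"]) == sorted(n["rules"]) and o["rules"] != n["rules"]:
            out.append(f"{t}: rule order changed")
    return out
```

An empty list from `compare(parse(old), parse(new))` means the two hosts have matching policies and rules in the same order.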