| |
@@ -3,3 +3,21 @@
|
| |
|
| |
[[select-distribution]]
|
| |
= Distribution-wide Changes
|
| |
+
|
| |
+ [[firewalld]]
|
| |
+ == Update firewalld to v1.0.0
|
| |
+ *firewalld* has been rebased to v1.0.0.
|
| |
+
|
| |
+ Major changes:
|
| |
+
|
| |
+ - Reduced dependencies.
|
| |
+ - Intra-zone forwarding by default.
|
| |
+ - NAT rules moved to `inet` family (reduced rule set).
|
| |
+ - `default` target is now similar to `reject`.
|
| |
+ - ICMP blocks and block inversion only apply to input, not forward.
|
| |
+ - `tftp-client` service has been removed.
|
| |
+ - `iptables` backend is deprecated.
|
| |
+ - Direct interface is deprecated.
|
| |
+ - `CleanupModulesOnExit` defaults to `no` (kernel modules not unloaded).
|
| |
+
|
| |
+ Full details on the link:++https://firewalld.org/2021/06/the-upcoming-1-0-0++[upstream blog].
|
| |
PR for Issue #712
Summary:
- added firewalld section to distribution-wide changes page.