I have been looking at the new Fedora firewall 'firewalld' and the 'firewall-cmd' command. I'm currently running F17 on a PC with an F18 virtual machine, and have been trying to understand firewalld prior to
upgrading to Fedora 19.
The PC has a modified iptables. So I have been trying to see how to incorporate the changes into the new firewalld. I suspect I will need to use the 'firewall-cmd --direct' option to add the iptables rules (as I
see no other way of specifying on the rules source/destination addresses using 'firewall-cmd').
However, 'firewall-cmd' offers both the '--get-chains' and '--get-rules' options, but these both require specifying which table is to be used. How do I know what the tables are? There is no '--get-tables' option.
I can run 'cat /proc/net/ip_tables_names' and this lists the standard iptables tables (nat ,mangle, filter). But if I use these names with 'firweall-cmd' all I get is a blank line displayed. E.g.
firewall-cmd --direct --get-chains ipv4 nat
The same occurs with all the table names.
So, my question is this, is 'firewall-cmd' working correctly and simply stating that none of the tables have any chains (and so no rules) Secondly, how do I find out what tables are defined for firewalld?