evil242
Enthusiast
Enthusiast

Well deeper analysis is that it looks like it can handle both, but has issues if both are installed.  It doesn't discern if one is disabled and the other is enabled. 

I updated ${scriptdir}bin/commonlib.sh so that iptables comes first:

   #

   # Identify firewall

   #

   FIREWALL=

   FIREWALL_IPTABLES=IPTABLES

   FIREWALL_FIREWALLD=FIREWALLD

   [ -z "$FIREWALL" ] && \

      which iptables >/dev/null 2>&1 && FIREWALL=${FIREWALL_IPTABLES}

   [ -z "$FIREWALL" ] && \

      which firewall-cmd >/dev/null 2>&1 && FIREWALL=${FIREWALL_FIREWALLD}

Not the best of coding, but I didn't want to uninstall firewalld either:

Dependencies Resolved

========================================================================================================

Package                                  Arch   Version               Repository                  Size

========================================================================================================

Removing:

firewalld                                noarch 0.4.3.2-8.1.el7_3.2   @rhel-x86_64-workstation-7 1.7 M

Removing for dependencies:

anaconda-core                            x86_64 21.48.22.93-1.el7     @anaconda/7.3              7.9 M

anaconda-gui                             x86_64 21.48.22.93-1.el7     @anaconda/7.3              1.4 M

anaconda-tui                             x86_64 21.48.22.93-1.el7     @anaconda/7.3              426 k

firewall-config                          noarch 0.4.3.2-8.1.el7_3.2   @rhel-x86_64-workstation-7 1.0 M

initial-setup                            x86_64 0.3.9.36-1.el7        @anaconda/7.3              213 k

initial-setup-gui                        x86_64 0.3.9.36-1.el7        @anaconda/7.3               32 k

subscription-manager-initial-setup-addon x86_64 1.17.15-1.el7         @anaconda/7.3               45 k

Transaction Summary

========================================================================================================

Remove  1 Package (+7 Dependent packages)

Installed size: 13 M

Is this ok [y/N]: N

Exiting on user command

Perhaps the developers can use systemctl status instead

[root@h7-trhws7 VMware-horizonagent-linux-x86_64-7.1.0-5141896]# systemctl status firewalld

● firewalld.service - firewalld - dynamic firewall daemon

   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)

   Active: inactive (dead)

     Docs: man:firewalld(1)

[root@h7-trhws7 VMware-horizonagent-linux-x86_64-7.1.0-5141896]# systemctl status iptables -l

iptables.service - IPv4 firewall with iptables

   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)

   Active: active (exited) since Wed 2017-05-10 11:45:30 MDT; 6min ago

  Process: 785 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)

Main PID: 785 (code=exited, status=0/SUCCESS)

   CGroup: /system.slice/iptables.service

May 10 11:41:37 h7-trhws7.colleges.ad.unm.edu systemd[1]: Starting IPv4 firewall with iptables...

May 10 11:45:30 h7-trhws7.colleges.ad.unm.edu iptables.init[785]: iptables: Applying firewall rules: [  OK  ]

May 10 11:45:30 h7-trhws7.colleges.ad.unm.edu systemd[1]: Started IPv4 firewall with iptables.

Damion Terrell  .   +  (He/Him)  +  . *  .  +   @   + .    *  .    +      .                    
Core IT Service Specialist * . + * . + . + . + * +
UNM – IT Platforms – VIS + . . . . . . . . .
. + . + * . + * .
* . . + . . . . + . + * + .
“You learn the job of the person above you, * + . + * @
and you teach your job to the person below you..” . * +
Reply
0 Kudos