I used iptables on CentOS 6.5 and tried to translate iptables rules into firewalld rules on CentOS 7. However, with firewalld, I have discovered I am unable to:
- drop packets in invalid states
- create a set of rules to protect from portscan
- create a rule against SYN attacks (meaning looking for packets with SYN flags)
- use hash limit to limit the number of connections per second per IP

Am I right to think that firewalld has way fewer possible features compared to iptables?