There’s another networking change that I’ve discovered in Fedora, the replacement of
/etc/sysconfig/iptables (and the IPv6 equivalent) with Firewalld. From reading the Firewalld documentation I can appreciate the use case for laptop and desktop users, however my main interest is servers (not that I’d recommend running Fedora as an OS for production servers) so I’d rather revert back to a static firewall system. Here’s how to make that change:
yum install iptables-services systemctl mask firewalld.service systemctl enable iptables.service systemctl enable ip6tables.service
At this point you should edit
/etc/systconfig/ip6tables-config to lock down your system. Once you’re happy with the static firewall rules:
systemctl stop firewalld.service systemctl start iptables.service systemctl start ip6tables.service yum remove firewalld
Notice that there is a small window of vulnerability between stopping Firewalld and starting the iptables services.