Debian 9 or 10 for new installs

It works ok on 9 and 10. I found a bug in D10 the first 5 minutes of using it that causes firewalld to not work unless you install a backport update that has not made it into stable release yet. That caused me to waste a couple hours trying to figure all that out. So D10 is still a little green imo and you are better off using D9 for now.
 
Last edited:

DigitalDaz

Administrator
Staff member
My point is that if you are using the install script, is well. For any non-experienced user considering NOT using iptables/fail2ban, be aware that these are essential to protect you from brute force attacks and not using them will weaken your security considerably.
 
My point is that if you are using the install script, is well. For any non-experienced user considering NOT using iptables/fail2ban, be aware that these are essential to protect you from brute force attacks and not using them will weaken your security considerably.
Firewalld is a client interface for iptables. It seems to play well with fail2ban so no issues there. It is arguably easier to use for non-experienced users.

Either one will work so if you prefer using the traditional iptables client interface you can keep doing that. I like firewalld because it makes adding standard rules very simple and automatically adds the state rules for you. I also like that it is IPv6 aware so those state rules automatically get added for you as well.
 
Last edited: