I find that there are fix coded in firewalld that many default rules (and chains) that are
meaning less, such as all ip in and all ip out in security iptable table. Why are they
existed ? Can we remove them ?
And I also find that the network performance will be improved if I rmmod some kernel
modules, i.e. iptable_mangle.ko, iptable_security.ko. And for SuSEfirewall, there is NO
such kos inserted. Why firewalld inserted them fixedly ? Will function be developed to
dynamically remove such kos ?