I'm newly introduced to firewalld and I would like to make use of it to configure my firewall.
In playing around with firewall-cmd to set up some forwarding rules (which were also making use of logging the rule executions), I found that rules were not being executed as I expected.
Consequently, I tried to find a way to be able to generate either an nftables view or an iptables view of the rules that are generated by a firewalld configuration so I can see why my rules are not being executed. Running the iptables command would give me some results, but they did not correspond to what I had set up in firewalld.
Add to this the fact that when I do a fresh install, the firewalld service is enabled and active and the iptables and nftables services on my host/router are not active. This leads me to believe that in order to use firewalld, neither iptables nor nftables should be active. On the other hand, I have read that firewall-cmd is just a front end to nftables (the subsystem) and so that might lead one to think that the nftables service should be enabled and active.
So, here are my questions:
1. When using firewalld, should the iptables and nftables services be inactive? If one or more is active, what are the consequences?
2. How can I generate an iptables view or an nftables view of the rules in my firewalld configuration in order to see which rules firewalld is really passing to nftables?