I'm looking for a dependable method to verify if the installed version of firewalld on RHEL 9 systems supports a certain configuration file option called "NftablesTableOwner." I need this for an RPM package installation on two systems: one running RHEL 9.4 and the other RHEL 9.6, both updated recently. It seems that between these two versions, the new option was introduced in firewalld, and I want to ensure I can appropriately set it in /etc/firewalld/firewalld.conf. I've considered using "firewall-cmd --version," but it returns the same output for both versions even though their RPMs differ. Also tried checking the firewalld Python script with "grep," but came up empty. The best idea I've had so far is to use "man firewalld.conf | grep -qi 'NftablesTableOwner'" to test if the option is supported, but I worry about whether there's a more efficient way to do this. My end goal is to be able to set 'NftablesTableOwner=No' to override the default value of 'yes.'
2 Answers
Great point about checking the changelog! You can run `rpm -q --changelog firewalld` to see any documented changes. That should ideally include info about new options like 'NftablesTableOwner.' However, keep in mind that not all maintainers document every addition extensively, so your results may vary.
Using `firewall-cmd --version` only gives you the client version, not the firewalld service version, so that's not useful. What you might want to try instead is running `dnf list installed firewalld` or `rpm -qi firewalld` to get more detailed package info. From there, you can determine which version of firewalld added the 'NftablesTableOwner' option! It's definitely a bit of legwork, but it's a more reliable method to narrow it down.

Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures