nit: firewalld does not replace iptables, it replaces system-config-firewall, a GUI, TUI, and startup script generator around iptables.

iptables is still the underlying tech, we now just have a much better way to manage it.

