November 27, 2014

In this post I will discuss using the iptables firewall on CentOS 7. With Red Hat Enterprise Linux 7, Red Hat has shifted to firewalld as the firewall service, and it is no surprise that the same is reflected in CentOS 7 as well.

After being used to iptables for so many years now, I would like to stick with it for some more time before I test firewalld and update my skills on it. So let's stop firewalld and move to iptables.

1) Check the services that are active on startup

systemctl list-unit-files | grep enabled (Enabled services will be listed as below)

auditd.service enabled 
crond.service enabled 
dbus-org.fedoraproject.FirewallD1.service enabled 
firewalld.service enabled 
getty@.service enabled 
microcode.service enabled 
postfix.service enabled 
rsyslog.service enabled 
sshd.service enabled 

2) Stop and Disable firewalld service

systemctl stop firewalld.service && systemctl disable firewalld.service

3) Install iptables service and enable it

yum install iptables-services && systemctl start iptables.service && systemctl enable iptables.service && systemctl start ip6tables.service && systemctl enable ip6tables.service

4) A quick test

Let's write a firewall rule, save it and view it.

iptables -A INPUT -p tcp --dport 5555 -j REJECT && service iptables save
grep 5555 /etc/sysconfig/iptables (Output will be listed as below)
-A INPUT -p tcp -m tcp --dport 5555 -j REJECT --reject-with icmp-port-unreachable
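
A rule added with -A goes to the end of its chain, so if the chain already ends in a catch-all REJECT, the new rule is saved but never evaluated. The script below is an added example, not part of the original post: it flags such shadowed rules in a saved ruleset. The function names and the sample ruleset are constructed here, and the sample is only assumed to resemble what iptables-services installs.

```shell
#!/bin/sh
# Added example: report rules in an iptables-save style file that can never
# match because an earlier rule in the same chain is an unconditional
# ACCEPT, DROP or REJECT. Jumps to user-defined chains are not followed.

# Usage: shadowed_rules [FILE]   (reads stdin when FILE is omitted)
# Prints "line: rule" for every shadowed rule; returns 1 if any were found.
shadowed_rules() {
    awk '
        /^\*/ { split("", closed) }      # new table: forget closed chains
        $1 == "-A" {
            if ($2 in closed) {          # chain already ended by a catch-all
                printf "%d: %s\n", NR, $0
                found = 1
                next
            }
            # "-A CHAIN -j TARGET ..." with no match options before -j
            if ($3 == "-j" && $4 ~ /^(ACCEPT|DROP|REJECT)$/)
                closed[$2] = NR
        }
        END { exit (found ? 1 : 0) }
    ' "$@"
}

# Constructed sample: assumed to resemble the stock ruleset, after the
# post's "iptables -A INPUT ... --dport 5555" rule has been saved.
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 5555 -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

sample_ruleset | shadowed_rules ||
    echo "shadowed: place the rule before the catch-all (iptables -I INPUT <n> ...)"
```

On a real host, run shadowed_rules /etc/sysconfig/iptables after service iptables save.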

That's it..!!! We are back to iptables..!!!!

