CentOS 7 Firewall Configuration
Solution 1
Since the release of RedHat/CentOS 7, the previous firewall system has been replaced with firewalld.
At the time of writing there is no curses-like console interface similar to system-config-firewall. If you don't mind using a GUI you could use firewall-config instead.
If you need something for the console you will have to use firewall-cmd instead.
For more information and full documentation about firewalld: 4.5. Using Firewalls (or now (subscription required) How to configure firewalld in RHEL ?)
I hope this might help you!
Solution 2
Here are some commands with descriptions below that I came across and were helpful
firewall-cmd --state
view status of firewalld service (systemctl status firewalld)
firewall-cmd --zone=public --list-all
gets all info for the “public” zone
firewall-cmd --list-all-zones
shows all info for all zones
firewall-cmd --zone=public --add-port=80/tcp --permanent
adds port 80 to public zone
firewall-cmd --zone=public --add-service=http --permanent
adds service http to public zone
firewall-cmd --reload
run this after making changes
firewall-cmd --zone=public --remove-port=80/tcp --permanent
to remove port 80 from public zone
firewall-cmd --get-default-zone
shows default zone for firewall
firewall-cmd --get-active-zones
zones where network interfaces or sources are assigned
Solution 3
A quicker way of disabling firewalld is the following.
systemctl disable firewalld
this removes the .service so you should get something similar to
rm '/etc/systemd/system/basic.target.wants/firewalld.service' rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
Related videos on Youtube
ste
Updated on September 18, 2022Comments
-
ste over 1 year
In CentOS 6 I could type
setup
from the command line and I would be presented with a set of tools, one of them beingFirewall configuration
. I can still do this in CentOS 7, except the list no longer includesFirewall configuration
as an option.Does anyone know where I can find it now and why it has been moved?
This is where I used to go to allow incoming traffic via
HTTP
andHTTPS
. If there's a better way, I'd gladly take the advice. Thanks.-
Admin almost 10 yearsHave you gone through the documentation? Using Firewalls
-
-
fuero almost 10 yearsIf you want to go back to using
iptables
, see this: serverfault.com/questions/470287/… -
Dawngerpony over 9 yearsAnd if you just want to disable the firewall, use:
sudo service firewalld stop; sudo chkconfig firewalld off
-
Deer Hunter over 9 yearsDoesn't add much to the accepted answer, though.
-
BebopArc over 9 years@DuffJ On RHEL 7 it's
systemctl stop firewalld.service
andsystemctl disable firewalld.service
-
Dawngerpony over 9 yearsOh yes! One place where RHEL and CentOS differ. Thanks.
-
Admin about 9 yearsYou also need to stop firewalld or reboot: :)
-
ste almost 9 years@DuffJ RHEL 7 and CentOS 7 don't differ in this regard.