how to check if firewall is stopped on redhat 7
8,835
Solution 1
RHEL 7 introduces a command firewall-cmd
to work with firewall. But the catch is it requires root access.
If you are running your script as root, then you can use the following code:
if [[ `firewall-cmd --state` = running ]]
then
firewall_status=active
else
firewall_status=inactive
fi
But if you are not running your script as root, then, unfortunately, yours is the only way to do it.
Solution 2
There is a better and cleaner way:
systemctl is-active firewalld
will simply return true
if firewalld is active and running, false
otherwise.
So your test becomes:
if [ `systemctl is-active firewalld` ]
then
firewall_status=active
else
firewall_status=inactive
fi
Related videos on Youtube
Author by
yael
Updated on September 18, 2022Comments
-
yael over 1 year
What is the elegant way to verify if firewall is stop/inactive on redhat 7 machines?
example:
we stop the firewall:
systemctl status firewalld.service
and my approach to verify the firewall status is like this:
systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead)
so
in my bash script I do the following in order to check if firewall is stopped/inactive
if [[ ` systemctl status firewalld.service | grep Active | awk '{print $2}' ` = inactive ]] then firewall_status=inactive else firewall_status=active fi
but to check the results like this way is little clumsy.
-
Patrick over 6 yearsYou can use 'firewall-cmd --state'
-
yael over 6 yearsin that case another question how to verify the iptables ? ( instead of systemctl stop iptables.service )
-
-
yael over 6 yearsin that case another question how to verify the iptables ? ( instead of systemctl stop iptables.service
-
Ombrophile over 6 yearsAccording to RHEL 7 documentation [1], iptables is not installed by default. Instead it is managed by firewalld now. Still, assuming that you have somehow enabled iptables, you will have to check that by the same method that you have mentioned. For more details, refer to this link [2]. [1] access.redhat.com/documentation/en-us/red_hat_enterprise_linux/… [2] superuser.com/questions/1124317/…
-
Farhad Sakhaei almost 5 yearsdoes it work on ubuntu and other distros?
-
pooya13 almost 4 yearsI think you need the -q flag:
if [ `systemctl -q is-active firewalld` ]