Installing iptables and disabling firewalld on Centos 7/8

Firewalld is the default firewall on Centos 7 and Centos 8, as well as RHEL 7 and RHEL 8.

To start using iptables on Centos, you need to disable firewalld to avoid conflicts in firewall rules.

Stop firewalld and remove it from startup

$ sudo systemctl stop firewalld
$ sudo systemctl disable firewalld

We mask the firewalld service so that it is not called by any other service

$ sudo systemctl mask --now firewalld

Checking

$ sudo systemctl status firewalld
● firewalld.service
   Loaded: masked (Reason: Unit firewalld.service is masked.)
   Active: inactive (dead)

Install iptables

$ sudo yum install iptables-services -y

We start the services and add them to startup

$ sudo systemctl start iptables
$ sudo systemctl start ip6tables
$ sudo systemctl enable iptables
$ sudo systemctl enable ip6tables

Checking

$ sudo systemctl status iptables
● iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
   Active: active (exited) since Fri 2021-05-28 10:16:50 MSK; 39min ago
 Main PID: 4423 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 23516)
   Memory: 0B
   CGroup: /system.slice/iptables.service

See the current iptables rules

$ sudo iptables -nvL
Sidebar