RHEL7: Disable Firewalld and replace it with Iptables.

RHEL7: Disable Firewalld and replace it with Iptables.

If you don’t get used to Firewalld, you can still rely on Iptables by following the instructions below provided by the Fedora project.

Procedure

Install the Iptables package:

# yum install -y iptables-services
Disable the Firewalld service:

# systemctl mask firewalld
Activate the iptables and ip6tables services at boot:

# systemctl enable iptables
# systemctl enable ip6tables
Go to the /etc/sysconfig directory and define your rules in the iptables, ip6tables, iptables-config and ip6tables-config files.

Stop the Firewalld service:

# systemctl stop firewalld
Start the iptables and ip6tables service:

# systemctl start iptables
# systemctl start ip6tables
You can now run the system-config-firewall or the iptables commands without any problem.

Note:
*ip6tables for ipv6 we dont use ipv6 by default so please ignore ip6tables in the above procedure.

    • Related Articles

    • IpTables Essentials

      Introduction Iptables is the software firewall that is included with most Linux distributions by default. This cheat sheet-style guide provides a quick reference to iptables commands that will create firewall rules are useful in common, everyday ...

    • How To Migrate from FirewallD to Iptables on CentOS 7

      Introduction Like most other Linux distributions, CentOS 7 uses the netfilter framework inside the Linux kernel in order to access packets that flow through the network stack. This provides the necessary interface to inspect and manipulate packets in ...

    • Basic IPTABLES rules

      Open up ports for selected services: ​---------------------------  we can start adding selected services to our firewall filter. The first such thing is a localhost interface: iptables -A INPUT -i lo -j ACCEPT We tell iptables to add (-A) a rule to ...

    • Enable or Disable Apache suEXEC and suPHP

      Enable or Disable Apache suEXEC and suPHP Most CGI software is run on the server as the user nobody. When you enable suEXEC, Apache can run CGI software as the user ID of the account owner rather than as the user nobody. To enable follow these steps: ...

    • Enable/disable reject all mail on a mailbox

      To enable or disable the "reject all mail" setting on mailboxes in hsphere (this is the solution to the '550 sorry, mail resource in discard mode' error) navigate to the hsphere control panel> mail info> "edit mailbox" for the desired account under ...