Saturday, January 31, 2015

[CentOS]: Linux Basics: Use Iptables Instead Of firewalld In RHEL 7/CentOS 7


The iptables service is not included in CentOS 7 and RHEL 7 by default; it has been replaced by firewalld, which is managed with firewall-cmd. However, some people still use and are familiar with traditional iptables. In this brief tutorial, let us see how to replace firewalld with iptables in CentOS 7.
Disable the firewalld service:
systemctl stop firewalld
systemctl mask firewalld
Then install iptables:
yum install iptables-services
Enable the iptables service at boot-time:
systemctl enable iptables
Check whether the standard rules have been added to iptables (e.g. whether the SSH and Apache ports are enabled):
cat /etc/sysconfig/iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [214:43782]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
Reload the config file after any change.
service iptables restart
Or,
systemctl restart iptables
Next, check that the iptables service is running:
systemctl status iptables
Check the active rules in iptables with:
iptables -L
You can query the systemd journal for a “log” of the changes you made to the iptables service with:
journalctl -f -u iptables.service
Done!
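
The rules file shown above sets the INPUT policy to ACCEPT and has no final DROP or REJECT rule, so traffic that matches none of the listed rules is still accepted. The following added example (not part of the original post) reads an iptables-save style file on standard input and reports that default outcome; the function names and the catch-all REJECT variant are constructed for illustration.

```shell
#!/bin/sh
# Added example: report what happens to INPUT traffic that matches none of
# the ACCEPT rules in an iptables-save style rules file read from stdin.

# Prints "deny" if unmatched INPUT packets are dropped/rejected, else "accept".
# Jumps to user-defined chains are not followed; only the policy and
# unconditional ACCEPT/DROP/REJECT rules on INPUT are considered.
input_default_action() {
    awk '
        /^\*/ { table = substr($1, 2) }      # table header: "*filter", "*nat", ...
        table != "filter" { next }           # only the filter table matters here
        /^:INPUT / { policy = $2 }           # chain policy line
        # The first unconditional rule ("-A INPUT -j TARGET") decides every
        # packet that reaches it, so later rules and the policy never apply.
        $1 == "-A" && $2 == "INPUT" && $3 == "-j" && final == "" {
            if ($4 == "DROP" || $4 == "REJECT") final = "deny"
            else if ($4 == "ACCEPT") final = "accept"
        }
        END {
            if (final == "") final = (policy == "DROP") ? "deny" : "accept"
            print final
        }
    '
}

# The rules file shown in the post, copied verbatim.
page_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [214:43782]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
}

# Constructed variant: the same rules plus a final catch-all REJECT.
hardened_rules() {
    page_rules | awk '$0 == "COMMIT" { print "-A INPUT -j REJECT --reject-with icmp-host-prohibited" } { print }'
}

echo "rules from the post: $(page_rules | input_default_action)"
echo "with final REJECT:   $(hardened_rules | input_default_action)"
```

On the host, run it as `input_default_action < /etc/sysconfig/iptables` after editing the file and before restarting the service.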
