[CentOS]: Linux Basics: Use Iptables Instead Of firewalld In RHEL 7/CentOS 7

Linux Basics: Use Iptables Instead Of firewalld In RHEL 7/CentOS 7

The Iptables feature is not included in Centos7 and RHEL 7 by default. Iptables is replaced with firewall-cmd. But, there are still some peoples use and familiar with traditional Iptables. In this brief tutorial, let us see how to replace firewall-cmd using Iptables in CentOS 7.

Diable firewalld service:

systemctl stop firewalld
systemctl mask firewalld

Then install iptables:

yum install iptables-services

Enable the iptables service at boot-time:

systemctl enable iptables

Check if the standard rules has been added to iptables (Ex. if port ssh and apache are enabled) 

cat /etc/sysconfig/iptables

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [214:43782]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT

Reload the config file after any change.

service iptables restart

Or,

systemctl restart iptables

Next, check that the iptables service is Running:

systemctl status iptables

Check  activated rules in your iptabless with:

iptables -L

you can query the systemd journal for a “log” of the changes you made to the iptables service with:

journalctl -f -u iptables.service

Done!