How do I Install and Use Iptables on CentOS/RHEL 7

    By 2 Mins Read

    Latest Linux operating systems like CentOS/RedHat 7 and Fedora 21 has stopped using iptables and start now using dynamic firewall daemon firewalld which provides a dynamically managed firewall. It supports for network and zones to assign a level of trust to a network, connections, and interfaces. Firewalld also provides an interface for services or applications to add firewall rules directly. This article will help you to disable firewalld service and then install and use iptables on CentOS and Red Hat 7 Systems. Visit here to read more about firewalld.

    Advertisement

    Disable Firewalld Service

    Before installing and using iptables services on CentOS and Red Hat 7 systems, we need to disable firewalld service. To completely disable firewalld service use following commands.

    sudo systemctl stop firewalld
sudo systemctl mask firewalld

    Now check firewalld status

    sudo systemctl status firewalld

    firewalld.service
   Loaded: masked (/dev/null)
   Active: inactive (dead) since Fri 2015-02-27 11:09:37 EST; 56s ago
 Main PID: 7411 (code=exited, status=0/SUCCESS)

Feb 27 11:02:18 svr10 systemd[1]: Started firewalld - dynamic firewall daemon.
Feb 27 11:09:36 svr10 systemd[1]: Stopping firewalld - dynamic firewall daemon...
Feb 27 11:09:37 svr10 systemd[1]: Stopped firewalld - dynamic firewall daemon.

    Install Iptables on CentOS/RHEL 7

    Now install iptables service using yum package manager using the following command.

    sudo yum install iptables-services

    After installing enable iptables service and start using below commands.

    sudo systemctl enable iptables
sudo systemctl start iptables

    Now check the iptables service status using below command.

    sudo systemctl status iptables

    Iptables on CentOS7

    To list iptables rules use the following command.

    sudo iptables -L

    Chain INPUT (policy ACCEPT)
target     prot opt source       destination
ACCEPT     all  --  anywhere     anywhere       state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere     anywhere     
ACCEPT     all  --  anywhere     anywhere     
ACCEPT     tcp  --  anywhere     anywhere       state NEW tcp dpt:ssh
REJECT     all  --  anywhere     anywhere       reject-with icmp-host-prohibited
                                              
Chain FORWARD (policy ACCEPT)                 
target     prot opt source       destination  
REJECT     all  --  anywhere     anywhere       reject-with icmp-host-prohibited
                                              
Chain OUTPUT (policy ACCEPT)                  
target     prot opt source       destination

    Share.

    Related Posts

    Add A Comment

    Leave A Reply