Enable Firewall and Disable Firewall on CentOS7

28/12/2020

How to Enable the Firewall and How to Disable the Firewall on CentOS 7.5

Firewalld is the default firewall program on CentOS 7.5. It is a command-line program used to configure the firewall of CentOS 7.5, and it is very easy to use. Firewalld is available in Ubuntu/Debian, RHEL 7, CentOS 7, Fedora and many more Linux distributions.

In this article, I will show you how to enable Firewalld, how to disable Firewalld, and how to use Firewalld on CentOS 7.5. Let’s get started.

Installing Firewalld

Firewalld should be installed by default on CentOS 7.5. If for any reason it is not installed on your CentOS 7.5 operating system, you can easily install it from the official package repository of CentOS 7.5. First update the yum package repository cache with the following command:

$ sudo yum makecache

The yum package repository cache should be updated.

Now install Firewalld with the following command:

$ sudo yum install firewalld

Press y and then press <Enter> to continue.

Firewalld should be installed.

Checking Whether Firewalld is Enabled

If Firewalld is enabled, it will start when your computer boots.

You can run the following command to check whether Firewalld is enabled:

$ sudo systemctl is-enabled firewalld

Adding Firewalld to the System Startup

If Firewalld is not enabled to start on system boot, you can run the following command to add it to the system startup. That way it will start when your computer boots.

$ sudo systemctl enable firewalld

Firewalld should be added to the system startup.

Removing Firewalld from the System Startup

If you don’t want Firewalld to start when your computer boots, that is, you want to disable Firewalld, then run the following command:

$ sudo systemctl disable firewalld

Firewalld should be removed from your system startup.

Checking Whether Firewalld is Running

You can check whether Firewalld is running with the following command:

$ sudo systemctl status firewalld

If Firewalld is running, the output reports the service as active (running).

Starting Firewalld Service

If Firewalld is not running, then you can start Firewalld with the following command:

$ sudo systemctl start firewalld

Stopping Firewalld Service

If Firewalld is running, and you want to stop it, run the following command:

$ sudo systemctl stop firewalld

Using Firewalld

Firewalld has a command line utility firewall-cmd that you can use to configure the Firewalld firewall program.

Listing the Current Firewalld Configuration:

You can run the following command to list the current or active Firewalld configuration:

$ sudo firewall-cmd --list-all

The currently active Firewalld configuration should be listed.

Modifying Firewalld Configuration Permanently and Temporarily:

If you want to configure Firewalld permanently, that is, the changes should still be active after the computer is rebooted, you have to add the --permanent flag to every firewall-cmd configuration command.

If you want to test something, then you may leave out the --permanent flag. In this case, the changes should be reverted once you restart your computer.

Adding Services:

You can let other computers on your network connect to specific services on your computer by adding these services to Firewalld.

For example, if you want other computers on your network to access the web server or HTTP service on your computer, you can add it to the Firewalld configuration as follows:

$ sudo firewall-cmd --add-service=http --permanent

NOTE: Here, http is the service name.

The http service should be added.

You can find all the available services if you run the following command:

$ ls /usr/lib/firewalld/services

All the predefined services are listed.

NOTE: You can copy one of the XML service files and create your own custom services.

Removing Services:

If you want to remove a service from the Firewalld configuration that is already added, let’s say, the http service, then you can run the following command:

$ sudo firewall-cmd --remove-service=http --permanent

NOTE: Here http is the service name.

The http service should be removed.

Adding Ports to Firewalld:

If the program you want to allow access to doesn’t have a predefined service in Firewalld, but you know the port the program is running on, you can add the port to Firewalld without creating a service XML file (in the /usr/lib/firewalld/services directory).

For example, if you want to add the TCP port 80 to Firewalld, run the following command:

$ sudo firewall-cmd --add-port=80/tcp --permanent

If you want to add UDP port 80, then run the following command:

$ sudo firewall-cmd --add-port=80/udp --permanent

The port should be added.

You can also add a range of ports, let’s say TCP ports 8000-8100, with the following command:

$ sudo firewall-cmd --add-port=8000-8100/tcp --permanent

The ports should be added.

Removing Ports from Firewalld:

You can remove a TCP port, let’s say port 80 from Firewalld with the following command:

$ sudo firewall-cmd --remove-port=80/tcp --permanent

For UDP port 80, run the following command:

$ sudo firewall-cmd --remove-port=80/udp --permanent

For a range of TCP ports, let’s say 8000-8100, run the following command:

$ sudo firewall-cmd --remove-port=8000-8100/tcp --permanent

Reload Firewalld Configuration:

Once you’re done configuring Firewalld, you must run the following command to reload the new configuration:

$ sudo firewall-cmd --reload
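
The following script is an added example, not part of the original article. It compares the runtime configuration with the permanent one, so you can see which rules would disappear on a reload or reboot and which are saved but not yet active. The function names fw_items and fw_drift are hypothetical, and the two sample outputs are constructed; on a real host, feed it the output of `sudo firewall-cmd --list-all` and `sudo firewall-cmd --permanent --list-all`.

```sh
#!/bin/sh
# Added example: detect drift between runtime and permanent firewalld settings.
# The two samples below are constructed. On a real host use instead:
#   RUNTIME_SAMPLE=$(sudo firewall-cmd --list-all)
#   PERMANENT_SAMPLE=$(sudo firewall-cmd --permanent --list-all)

RUNTIME_SAMPLE='public (active)
  target: default
  interfaces: eth0
  services: dhcpv6-client http ssh
  ports: 8000-8100/tcp
  masquerade: no'

PERMANENT_SAMPLE='public
  target: default
  interfaces: eth0
  services: dhcpv6-client ssh
  ports: 80/udp 8000-8100/tcp
  masquerade: no'

# fw_items <field> <list-all output>
# Prints the values of one field (e.g. services, ports), one per line.
# The exact match on the first word keeps "ports" apart from "source-ports".
fw_items() {
    printf '%s\n' "$2" |
        awk -v key="$1:" '$1 == key { for (i = 2; i <= NF; i++) print $i }' |
        sort -u
}

# fw_drift <field> <runtime output> <permanent output>
# "runtime-only X"   : X was added without --permanent; lost on reload/reboot.
# "permanent-only X" : X is saved but inactive until firewall-cmd --reload.
fw_drift() {
    fw_rt=$(fw_items "$1" "$2")
    fw_pm=$(fw_items "$1" "$3")
    for fw_item in $fw_rt; do
        printf '%s\n' "$fw_pm" | grep -Fxq -- "$fw_item" || echo "runtime-only $fw_item"
    done
    for fw_item in $fw_pm; do
        printf '%s\n' "$fw_rt" | grep -Fxq -- "$fw_item" || echo "permanent-only $fw_item"
    done
}

fw_drift services "$RUNTIME_SAMPLE" "$PERMANENT_SAMPLE"
fw_drift ports "$RUNTIME_SAMPLE" "$PERMANENT_SAMPLE"
```

An empty result for a field means the runtime and permanent configurations agree for it.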

That’s how you install, enable, disable, and use Firewalld on CentOS 7.5. Thanks for reading this article.
