How To Disable Firewall In CentOS 7 Linux

A new day! A new Tutorial to help you guys: let’s Learn How To Disable Firewall In CentOS 7 Linux
Default installations of the CentOS 7 Linux operating system have firewalld installed and enabled by default as a security measure. If you’re wondering how to disable it, you can find out below.
I have talked about CentOS 7 and Security  earlier, the details of which you can read in these articles:

1. How to install SquirrelMail on CentOS 7
2. RPM Rebuild Database in CentOS: A Complete Tutorial

How To Disable Firewall In CentOS 7 Linux

In this guide, we will show you how you can disable both firewalld and iptables in CentOS 7 through the command line.
Note: The firewall is enabled by default for good reason.

Blocking Traffic

Blocking traffic from unwanted sources to our Linux system helps increase security. Rather than completely disabling the firewall, it is recommended that you instead learn how to use firewalld properly.

Disable Firewalld In CentOS 7

Firewalld is installed and enabled by default. On a CentOS 7 minimal system, we should be able to confirm this like we do below:

systemctl is-enabled firewalld

enabled

Being enabled means that the service will automatically initiate during system boot. We should be able to see that firewalld is both active and enabled. We can disable it as follows:

systemctl disable firewalld

Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.

Firewalld

Now, since firewalld is disabled, it isn’t going to automatically start on system boot. This will not stop the current running instance of firewalld, however. We can see below that it still has a status of active, meaning that firewalld is currently running.

systemctl is-active firewalld

active

To stop firewalld from running, we need to end the process separately, as shown below:

systemctl stop firewalld

Now if we query whether firewalld is running and enabled, we will see that it has been disabled.

systemctl is-enabled firewalld

disabled

systemctl is-active firewalld

unknown

systemctl start firewalld’ command

Although it has been disabled, it is still currently possible for the firewalld service to be initiated manually with the ‘systemctl start firewalld’ command. To completely prevent it from even being manually started, the service has to be masked.

systemctl mask firewalld

Created symlink from /etc/systemd/system/firewalld.service to /dev/null.
Now, even if we attempt to manually start firewalld, it will fail.

systemctl start firewalld

Failed to start firewalld.service: Unit firewalld.service is masked.

Disable Iptables In CentOS 7

As mentioned, by default, firewalld is in use in CentOS 7, but it is possible for firewalld to be removed and have the traditional iptables installed instead. If this is the situation, the same commands can be used, except we will specify iptables instead of firewalld:

systemctl stop iptables
systemctl disable iptables
systemctl mask iptables

Final Thoughts

Keep in mind that iptables and firewalld are mutually exclusive; only one should be running at any time. Therefore, even if we do want to use either firewalld or iptables, we need to make sure that the opposite service is completely stopped, disabled, and masked so that it doesn’t interfere.

Thanks
Do let us know if you want to add any specific VPS Hosting or Windows hosting topics into this tutorial series.