The most common network filtering program is iptables. In the latest Red Hat Enterprise Linux and other Linux-based operating systems, a newer firewall, Firewalld, is available. Iptables was the primary network packet filtering program in earlier Red Hat and CentOS versions.
Why Disable Firewalld and Use Iptables?
Firewalld is the default firewall management tool on RHEL and CentOS, offering a straightforward way to configure firewall rules. However, some advanced users may prefer the flexibility and customization options that Iptables provides. By disabling Firewalld and configuring iptables, you gain more control over the firewall settings, making it suitable for specific security requirements.
Step 1: Disable Firewalld
Here we stop and disable the default firewall, firewalld.
systemctl stop firewalld
systemctl disable firewalld
In the latest versions of RHEL / CentOS, both iptables and Firewalld can be available for use, so the system may have conflicting services installed. To prevent an administrator from accidentally starting a service, the service can be masked. Once a service is masked, attempts to start it have no effect.
systemctl mask firewalld
Step 2: Install and Configure Iptables
Here we install the iptables service. It may already be installed on your server; check first, and otherwise install it with the command below.
yum -y install iptables-services
Create the iptables files. Run the command below to create a blank file for iptables.
touch /etc/sysconfig/iptables
If you use the ip6tables service, also run the command below.
touch /etc/sysconfig/ip6tables
To make sure the service starts at boot:
systemctl enable iptables
If you are using ip6tables, run the command below; otherwise you can skip it.
systemctl enable ip6tables
Now let's start the iptables service.
systemctl start iptables
For the ip6tables service, use the command below.
systemctl start ip6tables
Once Iptables is installed, you can start configuring it. The configuration file is located at /etc/sysconfig/iptables. You can use a text editor like nano or vim to edit the file and define your firewall rules.
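One way to populate that file, as an added example that is not part of the original article: the script below generates a default-deny IPv4 ruleset in iptables-save format, checks it with `iptables-restore --test`, and only then installs it and restarts the service. The function names, the script name in the last comment, and the choice of SSH on TCP port 22 as the only inbound service are assumptions made for illustration.

```bash
#!/bin/bash
# Added example (not from the original page): baseline /etc/sysconfig/iptables.
# Assumption: SSH on TCP 22 is the only inbound service; pass another port if not.

# Accept only a decimal port 1-65535, so nothing else reaches the rules file.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the ruleset in iptables-save format: drop inbound and forwarded
# traffic by default, allow loopback, replies, ICMP and new SSH sessions.
gen_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp --dport ${1:-22} -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Validate the candidate file, then install it and reload the service (root).
install_rules() {
    local tmp rc=0
    valid_port "$1" || { echo "invalid port: $1" >&2; return 2; }
    tmp="$(mktemp)" || return 1
    gen_rules "$1" > "$tmp"
    # --test parses the ruleset without committing it to the kernel.
    if iptables-restore --test < "$tmp"; then
        install -m 600 -o root -g root "$tmp" /etc/sysconfig/iptables &&
            systemctl restart iptables || rc=1
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Only touches the system when called as: ./baseline-rules.sh --install [port]
if [ "${1:-}" = "--install" ]; then
    install_rules "${2:-22}"
fi
```

The ruleset covers IPv4 only; if you enabled ip6tables, /etc/sysconfig/ip6tables needs its own rules, validated with `ip6tables-restore --test`.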
By following these steps, you’ve successfully disabled Firewalld and set up Iptables on your RHEL or CentOS system. Remember, Iptables provides a powerful way to manage your firewall rules, so tailor them according to your specific security needs. Regularly review and update your rules to ensure the ongoing security of your server.