CentOS 7 / RHEL 7 doesn’t come with iptables by default. It uses a full functional firewall system called ‘firewalld’. I have been a big fan of iptables and it’s capability from the very first, and since I have switched to CentOS 7, I couldn’t stop using it. I had to stop firewalld and install iptables in all of my CentOS 7 installation and start using iptables rules as I was using before. Here is a small How To guide on installing Iptables and disabling firewalld from a CentOS 7 or RHEL 7 or a similar variant distro.
How to Install IPTABLES in CentOS 7
To begin using iptables, you need to download and install iptables-service package from the repo. It isn’t installed automatically on CentOS 7. To do that, run the following command:
# yum install iptables-services -y
How to stop the firewalld service and start the Iptables service
Once the iptables-serivces package is installed, you can now stop the firewalld and start the iptables. Keeping both kind of network filtering too can create conflicts and it is recommended to use any out of two. To do that run the following:
# systemctl stop firewalld
# systemctl start iptables
Now to disable firewalld from the starting after the boot, you need to disable the firewalld:
# systemctl disable firewalld
To disallow starting firewalld manually as well, you can mask it:
# systemctl mask firewalld
Now you can enable iptables to start at the boot time by enabling iptables using systemctl command:
# systemctl enable iptables
How to check status of iptables in centOS 7
In previous distros, iptables status could be fetched using service command, although, the option is no longer available in CentOS 7. To fetch the iptables status, use the following:
# iptables -S
Iptables save command can still be used using service tool:
# service iptables save
This would save your iptables rules to /etc/sysconfig/iptables
as it used to do in previous distros.