The iptables feature is not included in CentOS 7 and RHEL 7 by default. Iptables is replaced with firewall-cmd. However, some people still use and are familiar with traditional iptables. In this brief tutorial, let us see how to replace firewall-cmd with iptables in CentOS 7.
Disable the firewalld service:
systemctl stop firewalld
systemctl mask firewalld
Then install iptables:
yum install iptables-services
Enable the iptables service at boot-time:
systemctl enable iptables
Check whether the standard rules have been added to iptables (e.g. whether the SSH and Apache ports are enabled):
cat /etc/sysconfig/iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [214:43782]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
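The rules file shown above sets the INPUT policy to ACCEPT and has no closing REJECT or DROP rule, so the per-port ACCEPT lines do not actually restrict inbound traffic. The following shell check is an added example, not part of the original tutorial; the helper name audit_input and both sample files are constructed for illustration, and the closing REJECT line in the second sample is an assumed hardening rule.

```shell
#!/bin/sh
# audit_input FILE: report what happens to inbound packets that match no
# specific rule in an iptables-save style file such as /etc/sysconfig/iptables.
# Prints default-allow, default-deny or unknown. (Hypothetical helper name.)
audit_input() {
    awk '
        /^\*/ { table = $1 }               # table header, e.g. *filter
        table != "*filter" { next }        # only the filter table matters here
        $1 == ":INPUT" { policy = $2 }     # chain policy: ACCEPT or DROP
        # The first unconditional terminating rule (-A INPUT -j TARGET) decides
        # the fate of every packet that reaches it.
        $1 == "-A" && $2 == "INPUT" && $3 == "-j" && fate == "" {
            if ($4 ~ /^(ACCEPT|DROP|REJECT)$/) fate = $4
        }
        END {
            if (fate == "") fate = policy  # no catch-all rule: the policy applies
            if (fate == "") print "unknown"
            else if (fate == "ACCEPT") print "default-allow"
            else print "default-deny"
        }
    ' "$1"
}

# Constructed sample 1: the rules file as shown in this tutorial.
tutorial_rules=$(mktemp)
cat > "$tutorial_rules" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [214:43782]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
EOF

# Constructed sample 2: the same rules with a closing REJECT before COMMIT.
hardened_rules=$(mktemp)
{ grep -v '^COMMIT$' "$tutorial_rules"
  echo '-A INPUT -j REJECT --reject-with icmp-host-prohibited'
  echo 'COMMIT'; } > "$hardened_rules"

echo "tutorial rules: $(audit_input "$tutorial_rules")"
echo "hardened rules: $(audit_input "$hardened_rules")"
```

On a host, running audit_input /etc/sysconfig/iptables performs the same check on the live rules file before the service is restarted.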
Reload the config file after any change.
service iptables restart
Or,
systemctl restart iptables
Next, check that the iptables service is running:
systemctl status iptables
Check the active rules in iptables with:
iptables -L
You can query the systemd journal for a "log" of the changes you made to the iptables service with:
journalctl -f -u iptables.service
Done!