Skip to content

How To Disable Firewalld and Get Old School IPTables Back In CentOS 7 and RHEL 7

When CentOS 7 was released, it was quickly obvious that CentOS and Red Hat had switched over to firewalld for its firewall control. Although its syntax is a bit easier to work with than iptables, some software out there has issues with it, such as Docker. Some just prefer to stick with the standard iptables syntax because it is what they know and what they are comfortable with. So, if you have CentOS 7 or RHEL 7 installed and want the old iptables back, this guide is for you.

First thing’s first, disable firewalld

#  systemctl mask firewalld

Now, lets stop firewalld

#  systemctl stop firewalld

It would be a good idea to go ahead and make sure that firewalld is masked and inactive, so lets do just that.

#  systemctl status firewalld

firewalld.service
   Loaded: masked (/dev/null)
   Active: inactive (dead)


Install iptables and its dependencies by running this command:

#  yum -y install iptables-services

Now iptables is installed, we need to make sure it starts at boot time:

#  systemctl enable iptables
#  systemctl enable ip6tables

Everything is now installed and configured. All that’s left is to fire up the iptables services:

#  systemctl start iptables
#  systemctl start ip6tables

Easy peasy. Now you can use the old iptables syntax and functionality that has been in place for years. If you get stuck, feel free to post in the comments below. Thanks!