Home > Oracle Linux, OS > How to stop/start and disable/enable firewall on Oracle Linux 7.

How to stop/start and disable/enable firewall on Oracle Linux 7.

Fedora 18 introduced firewalld as a replacement for the previous iptables service. Since RHEL7 and Oracle Linux 7 are based on Fedora 19, the switch from iptables service to firewalld is now part of the Enterprise Linux distributions.
The firewall on Oracle Linux 7 system is enabled by default. Normally there should not be a need to disable firewall but it may be quite handy for testing purposes etc. The firewall runs as firewalld daemon. Bellow command can be used to check the firewall status:

[root@orclprod ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
   Active: active (running) since Fri 2015-10-16 14:54:37 CEST; 18s ago
 Main PID: 2481 (firewalld)
   CGroup: /system.slice/firewalld.service
           L¦2481 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Oct 16 14:54:37 orclprod systemd[1]: Started firewalld - dynamic firewall d...n.
Hint: Some lines were ellipsized, use -l to show in full.

From the above output we can see that the firewall is enabled, which means it will start automatically after reboot and that is also current active. Furthermore, you can even check all currently applied rules with:

[root@orclprod ~]# iptables-save

You need to distinguish between the iptables service and the iptables command. Although firewalld is a replacement for the firewall management provided by iptables service, it still uses the iptables command for dynamic communication with the kernel packet filter (netfilter). So it is only the iptables service that is replaced, not the iptables command. That can be a confusing distinction at first.
The firewall on Oracle Linux 7 system can be stopped by a following command:

[root@orclprod ~]# service firewalld stop
Redirecting to /bin/systemctl stop  firewalld.service

Stopped firewall will start again after system’s reboot. To start firewall use the following command:

[root@orclprod ~]# service firewalld start
Redirecting to /bin/systemctl start  firewalld.service

In order to completely disable OL7 firewall, so it would not start after reboot, run:

[root@orclprod ~]# systemctl disable firewalld
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'

Now the firewall would not start after system’s reboot. To enable the firewall again run:

[root@orclprod ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/basic.target.wants/firewalld.service'
Advertisements
Categories: Oracle Linux, OS Tags: , ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: