5.2. Installing firewalld

⁠5.2. Installing firewalld

In Red Hat Enterprise Linux 7, firewalld is installed by default. If required, to ensure that it is, enter the following command as root:

~]# yum install firewalld

The graphical user interface configuration tool firewall-config is installed by default in some versions of Red Hat Enterprise Linux 7. If required, enter the following command as root to ensure firewall-config is installed:

~]# yum install firewall-config

To install the optional firewall-applet, enter the following command as root:

~]# yum install firewall-applet

The applet is visible in the panel of the desktop with the next login. The use of the applet in GNOME is limited according to the GNOME rules for applets.

⁠5.2.1. Stopping firewalld

To stop firewalld, enter the following command as root:

~]# systemctl stop firewalld

To prevent firewalld from starting automatically at system start, enter the following command as root:

~]# systemctl disable firewalld

To make sure firewalld is not started by accessing the firewalld D-Bus interface and also if other services require firewalld, enter the following command as root:

~]# systemctl mask firewalld

⁠5.2.2. Starting firewalld

To start firewalld, enter the following command as root:

~]# systemctl unmask firewalld
~]# systemctl start firewalld

To ensure firewalld starts automatically at system start, enter the following command as root:

~]# systemctl enable firewalld

⁠5.2.3. Checking If firewalld Is Running

To check if firewalld is running, enter the following command:

~]$ systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2016-10-11 09:15:58 CEST; 2 days ago
     Docs: man:firewalld(1)
 Main PID: 721 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─721 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Oct 11 09:15:57 localhost.localdomain systemd[1]: Starting firewalld - dynami...
Oct 11 09:15:58 localhost.localdomain systemd[1]: Started firewalld - dynamic...
Hint: Some lines were ellipsized, use -l to show in full.

In addition, check if firewall-cmd can connect to the daemon by entering the following command:

~]$ firewall-cmd --state
	running