How to Install Iptables on CentOS 7 Server

FirewallD is replacement of iptables. Now a days, It can be use as the default firewall management tool. It’s a capable firewall solution which using firewall-cmd utility to manage firewall configuration. If you are comfortable with Iptables command-line syntax then you can enable Iptables. Iptables and firewalld are mutually exclusive so only one can be run at a time. This tutorial will cover steps how to install Iptables on CentOS 7 system.

Prerequisites#

Ensure that you are logged in as a non-root user with sudo privileges.

Disable FirewallD#

Before installing and use iptables services on CentOS system, you should disable firewalld service. Follow below commands to completely disable firewalld.

First of all, you need to stop firewalld service by typing:

sudo systemctl stop firewalld

After that, disable FirewallD service to start automatically on system boot:

sudo systemctl disable firewalld

You need to Mask the FirewallD service to stop it from being started by another services:

sudo systemctl mask --now firewalld

You can verify the status of FirewallD service by typing:

sudo systemctl status firewalld

By default, SSH port 22 is open. It will show output as below:

● firewalld.service
    Loaded: masked (/dev/null; bad)
    Active: inactive (dead)
 Apr 22 17:00:30 centos7 systemd[1]: Starting firewalld - dynamic firewall d…..
 Apr 22 17:00:33 centos7 systemd[1]: Started firewalld - dynamic firewall daemon.
 Apr 22 17:06:14 centos7 systemd[1]: Stopping firewalld - dynamic firewall d…..
 Apr 22 17:06:15 centos7 systemd[1]: Stopped firewalld - dynamic firewall daemon.

Install Iptables on CentOS 7#

At first, Run below command to install the iptables-service package from the CentOS repositories :

sudo yum install iptables-services

Once the process is completed, you should start iptables services using below command:

sudo systemctl start iptables

To start Iptables services automatically on your system boot, execute below command:

sudo systemctl enable iptables

You can check the iptables service status by typing:

sudo systemctl status iptables

To get list of iptables rules by type:

sudo iptables -nvL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
  pkts bytes target     prot opt in     out     source               destination
    23  1596 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
     0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
     0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
     0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
     0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
  pkts bytes target     prot opt in     out     source               destination
     0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
 Chain OUTPUT (policy ACCEPT 23 packets, 4120 bytes)
  pkts bytes target     prot opt in     out     source               destination

Thus, you have successfully enabled and started iptables service and you can manage your firewall.

Conclusion#

Finally, you have learned how to disable FirewallD and install and iptables on CentOS 7 server.

If you have any questions feel free to leave a comment below.