CentOS 7 firewall basics

Wayne Zh

CentOS uses firewalld (not iptables) as its firewall. It is a zone-based firewall. By default, your network interface's subnet will be added to the trusted zone. You can use these commands to check the status and settings:

sudo systemctl status firewalld

sudo firewall-cmd --list-all-zones

Basic control and start

sudo systemctl disable firewalld
sudo systemctl enable firewalld
sudo systemctl start firewalld
sudo systemctl stop firewalld

If you want to add a subnet to the trusted zone:

sudo firewall-cmd --permanent --zone=trusted --add-source=
sudo firewall-cmd --reload
sudo firewall-cmd --list-all-zones
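
Because the trusted zone accepts all connections from its sources, it is worth reviewing what ends up there after a reload. The script below is an added example, not part of the original post: it parses output in the layout of `firewall-cmd --list-all-zones` and flags overly broad IPv4 ranges bound to the trusted zone. The function names, the /16 threshold and the sample output are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit which sources are bound to the firewalld "trusted" zone.
# SAMPLE is constructed output in the layout printed by
# `firewall-cmd --list-all-zones`. On a real host, pipe the command in instead:
#   sudo firewall-cmd --list-all-zones | zone_sources trusted | broad_sources 16
SAMPLE='public (active)
  target: default
  interfaces: eth0
  sources: 
  services: dhcpv6-client ssh

trusted (active)
  target: ACCEPT
  interfaces: 
  sources: 192.168.10.0/24 10.0.0.0/8 203.0.113.7
  services: 
'

# Print each source of the named zone on its own line.
# Zone headers start in column 0; the fields below them are indented.
zone_sources() {
    awk -v zone="$1" '
        /^[^ ]/ { in_zone = ($1 == zone) }
        in_zone && $1 == "sources:" { for (i = 2; i <= NF; i++) print $i }
    '
}

# Read sources on stdin and print the IPv4 CIDRs whose prefix length is
# shorter than the given minimum (hypothetical policy threshold, default /16).
# Single addresses and IPv6 entries are skipped.
broad_sources() {
    awk -F/ -v min="${1:-16}" 'NF == 2 && $1 !~ /:/ && $2 + 0 < min + 0'
}

# Run the audit over the constructed sample.
audit_trusted() {
    printf '%s\n' "$SAMPLE" | zone_sources trusted | broad_sources "${1:-16}"
}

echo "Trusted-zone sources broader than /16:"
audit_trusted 16
```
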