Generally, it is recommended for admins to turn off Firewalld in CentOS7 to test or switch to another firewall tool, like iptables.

As part of our Server Management Services, we assist our customers with several CentOS queries.

Today, let us see how we can turn Firewalld off.

Turn off Firewalld in CentOS7

With Firewalld, we can allow and disallow incoming and outgoing traffic dynamically.

In order to begin, our Support Techs recommend having a user with sudo privileges, access to a command-line and a CentOS 7 machine.

• Check firewalld Status

By default, every CentOS 7 machine has Firewalld.

To check its status, we run:

sudo systemctl status firewalld

The bright green text indicates that the firewall is active.

• Disable Firewall on CentOS

We have two options. Either we can disable it temporarily or permanently.

However, our Support Techs show instructions for both options.

• Temporarily Disable firewalld

To temporarily disable the default firewall manager on CentOS 7, we run:

sudo systemctl stop firewalld

We will not receive a confirmation message.

Hence to verify, we run:

sudo systemctl status firewalld

We can expect to see Active: inactive (dead).

The systemctl stop firewalld command disables the service until reboot.

• Permanently Disable firewalld

To permanently disable the firewall on CentOS 7, we have to stop the firewall service and then disable it altogether.

Initially, to stop the firewalld tool, we run:

sudo systemctl stop firewalld

This is similar to the command we used to temporarily stop firewalld.

Once done, we check the firewall status:

sudo systemctl status firewalld

The output should state that the service is inactive.

On the other hand, to disable the service from activating upon system boot-up, we run:

sudo systemctl disable firewalld

This successfully stops and disables the firewall service on the CentOS 7 server. However, other active services might activate firewalld.

To prevent this from happening, we mask firewalld from other services on the system:

sudo systemctl mask --now firewalld

This creates a symbolic link (symlink) from the firewalld service to /dev/null.

The output will be similar to the following:

Created symlink from /etc/systemd/system/firewalld.service to /dev/null.

[Need further assistance? We are here for you]

Conclusion

In short, we saw how our Support Techs turns off Firewalld in CentOS7.