By default Centos 7 comes with firewallD installed, which is a wrapper around iptables. That’s great for people who don’t understand iptables, but its as cryptic or even worse as iptables so why bother ? On a minimal install, there is no firewalld, iptables is there but is missing iptables-service package. This is a short howto to get iptables up & running, in either minimal or full install.


disable firewalld

on a minimal its not there (hence it will fail) but be sure to check it :

# systemctl disable firewalld
Failed to execute operation: Access denied

if it is :

systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.

Install services

This installs iptables-services and will make it possible to “save” it again. (I also set it to start after reboot)

yum install iptables-services
systemctl enable iptables

and voila :

service iptables save
service ip6tables save

ready to firewall up!