By default, RHEL 7 uses the FirewallD service to provide network security. FirewallD must be stopped and disabled when using the iptables service:
# systemctl stop firewalld.service # systemctl disable firewalld.service
# systemctl enable iptables.service # systemctl start iptables.service
The iptables service is now provided by a separate package called iptables-services:
# yum info iptables-services
Name : iptables-services
Arch : x86_64
Version : 1.4.21
Release : 13.el7
Size : 23 k
Repo : installed
From repo : anaconda
Summary : iptables and ip6tables services for iptables
URL : http://www.netfilter.org/
License : GPLv2
Description : iptables services for IPv4 and IPv6
:
: This package provides the services iptables and ip6tables that have been split
: out of the base package since they are not active by default anymore.
The iptables-services package may need to be installed 1st:
# systemctl -a|grep iptables ● iptables.service not-found inactive dead iptables.service
Stop and disable the firewalld service first.
# systemctl stop firewalld.service # systemctl disable firewalld.service Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
If you try to enable the iptables service, it would fail.
# systemctl enable iptables.service Failed to execute operation: No such file or directory
Install the iptables-services package.
# yum install iptables-services -y
Enable the iptables service :
# systemctl enable iptables.service Created symlink from /etc/systemd/system/basic.target.wants/iptables.service to /usr/lib/systemd/system/iptables.service.
Start the iptables service :
# systemctl start iptables.service #