How to Disable or Turn Off Firewalld on CentOS 7

Introduction

Firewalld is a dynamically managed firewall solution that supports network zoning. System admins use it to allow and disallow incoming and outgoing traffic dynamically. It supports both IPv4 and IPv6 firewall settings. As of CentOS 7, firewalld (Dynamic Firewall Manager) is the default firewall tool on CentOS servers.

We advise keeping firewalld active and enabled at all times. However, admins might need to disable firewalld for testing or switching to another firewall tool, like iptables.

This tutorial will show you how to disable and stop the firewall on CentOS 7.

how to disable firewall on CentOS 7

Prerequisites

  • A user with sudo privileges
  • Access to a command-line (Ctrl-Alt-T)
  • A CentOS 7 machine

Check firewalld Status

Firewalld is enabled by default on every CentOS 7 machine.

To check firewalld status, run the following command from the command-line:

sudo systemctl status firewalld

If the firewall is running, you will see bright green text indicating that the firewall is active, as seen below.

active running firewall on CentOS 7

Disabling Firewall on CentOS

You can disable the firewall temporarily or permanently. The sections below provide instructions for both options.

Temporarily Stop firewalld

To temporarily disable the default firewall manager on CentOS 7, use the following command:

sudo systemctl stop firewalld

There will be no confirmation message.

To verify that firewalld is disabled, type:

sudo systemctl status firewalld

You can expect to see Active: inactive (dead).

verification that the firewall is stopped

The systemctl stop firewalld command will disable the service until reboot. After your runtime session ends and the system reboots, the firewalld service will be active again.

Permanently Disable firewalld

To permanently disable the firewall on CentOS 7, you will need to stop the firewall service and then disable it altogether.

To stop the firewalld tool, run:

sudo systemctl stop firewalld

This is also the same command we used to temporarily stop firewalld. Check firewall status.

sudo systemctl status firewalld

The output should state that the service is inactive.

To disable the service from activating upon system boot-up, enter this command:

sudo systemctl disable firewalld

See the image below for the output you can expect to find:

example screenshot of permanently disabled firewalld on CentOS

You have now successfully stopped and disabled the firewall service on your CentOS 7 server. However, other active services might activate firewalld.

To prevent other services from activating firewalld, mask firewalld from other services on the system:

sudo systemctl mask --now firewalld

This creates a symbolic link (symlink) from the firewalld service to /dev/null.

The output should appear as the following:

Output
Created symlink from /etc/systemd/system/firewalld.service to /dev/null.

Conclusion

By following this tutorial, you now know how to stop and disable the firewall on CentOS 7. Furthermore, you have learned how to mask the firewalld service from other active services to avoid reactivation.

Good security practices forbid disabling the firewall, especially on live servers. Always be cautious when doing so, even in test environments.

Was this article helpful?
YesNo
Dejan Tucakov
Dejan is the Head of Content at phoenixNAP with over 7 years of experience in Web publishing and technical writing. Prior to joining PNAP, he was Chief Editor of several websites striving to advocate for emerging technologies. He is dedicated to simplifying complex notions and providing meaningful insight into data center and cloud technology.
Next you should read
How to Enable and Use firewalld on CentOS 7
September 4, 2019

In this easy to follow tutorial, learn how to enable and use firewalld in CentOS 7. Learn what firewall zones are and how to work with default...
Read more
How to Enable/Disable UFW Firewall on Ubuntu 18.04
August 18, 2019

Ubuntu comes pre-installed with a firewall configuration tool, UFW (Uncomplicated Firewall). This tutorial shows you how to disable...
Read more
Best Tools to Monitor Network Bandwidth on a Linux Server
August 15, 2019

There are many different tools for monitoring network traffic on a Linux server. Each option has its strengths and weaknesses....
Read more
How to Configure Windows Server 2012 Firewall
September 17, 2018

Firewalls have become an essential part of every network that has access to the Internet. Without firewalls, anyone would be able to...
Read more
  • © 2021 Copyright phoenixNAP | Global IT Services. All Rights Reserved.