How to start/stop and enable/disable Firewall on Redhat 7 Linux system

In RHEL7, to stop/start and enable/disable the firewall is quite different from RHEL6. In Red hat 7 "firewalld" named service we used for local firewall. Please find the below example step by step to check the firewall status.

How to check status of RHEL7 firewall:

[root@localhost ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)

Active: active (running) since Thu 2018-02-05 12:37:47 IST; 0 months 1 days ago

Main PID: 332 (firewalld)

CGroup: /system.slice/firewalld.service
           └─332 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Feb 05 12:37:47 localhost systemd[1]: Starting firewalld - dynamic firewall daemon...
Feb 05 12:37:49 localhost systemd[1]: Started firewalld - dynamic firewall daemon.

In the above status firewall is by default enable on the linux system. It is enable automatically when system restart or on.

How to Stop and Start RHEL7 firewall:

 

Please use the below commands to start stop the firewall on redhat linux 7 operating system. 

[root@localhost ~]# service firewalld stop
Redirecting to /bin/systemctl stop  firewalld.service
Stopped firewall will start again after system's reboot.

[root@localhost ~]# service firewalld start
Redirecting to /bin/systemctl start  firewalld.service

How to Disable and Enable RHEL7 firewall:

If you want to disable permanently firewall so that after reboot it is not enable again, please use the below command.

[root@localhost ~]# systemctl disable firewalld
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
rm '/etc/systemd/system/basic.target.wants/firewalld.service'

If you want to enable the firewall again run please use the below command.

[root@localhost ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/basic.target.wants/firewalld.se

How to disable the SELinux in Linux operating system machine

Security-enhanced Linux (SELINUX): SELinux is know as Security enhanced linux system which is the security feature of the Linux kernel system. It is define the security Policy which makes system proctative agaginst the misconfiguration of the daemons. SELinux running in 3 modes which is disabled, enabled and permissive. We will explain these mode in configuration steps.

Here, you can find the all the steps which is required to enable or disable the SELinux configuration.

How to disable SELinux on Linux operating system:

➤ In the first step you can check the current status of SELinux. To do this please run the below command.

[root@localhost]# getenforce

Enabled

"getenforce" command is used for checking the current status of SELinux.

➤ As you see on my machine when I run the above command my SElinux is enabled, So in this step we will change the SELinux mode.

[root@localhost]# vi /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - No SELinux policy is loaded.

SELINUX=disabled

# SELINUXTYPE= can take one of these two values:

# targeted - Targeted processes are protected,

# mls - Multi Level Security protection.

SELINUXTYPE=targeted

Normally selinux configuration file you can found on the above location. You can edit the SELINUX entry to disabled. All the command is run by super user "root" only.

➤ Once you change the entry in SELinux configuration file then for permanent effect you need to take a reboot of the system.

[root@localhost]# init 6

Once you reboot the server all the configuration files changes has been done.

➤ In the last step you will run the "getenforce" command again to verify the new status of SELinux.

[root@localhost]# getenforce

Disabled

If you comparison the both step 1 and this step output you can found that SELinux policy is not disabled on the Linux operating system.