Boot attacks and malware on the websites are the order of the day, and the companies that offer Security Solutions try your best to keep up and face the daily challenges.
In addition to complex software applications, able to identify, analyze and block automatically computer attacks on a web server, there are also manual solutions through which the IPs of the attacks can be blocked.
Starting with 7 CentOS, was entered by default FirewallD as a firewall management utility.
FirewallD is a complete firewall solution that can be configured and run through command lines firewall-cmd. However, not all server administrators are familiar with FirewallD syntax and prefer it iptables instead of this utility.
How to replace FirewallD with iptables on CentOS 7
First we need to have access to Administrator privileges on the operating system. Preferably directly logged in with “root"In terminal or SSH.
1. Stop running the FirewallD service on CentOS 7 by running the command line:
sudo systemctl stop firewalld
2. Disable the automatic start of FirewallD after restartsystem area:
sudo systemctl disable firewalld
3. We mask the FirewallD service to prevent it from being started by another process:
sudo systemctl mask --now firewalld
After this step, the FirewallD service was turned off and completely disabled on CentOS 7.
Installing and running iptables on CentOS 7
The first step is to install the iptables service on CentOS 7.
1. Run the command line for installation iptables services:
sudo yum install iptables-services
2. We start the iptables services for IPv4 and IPv6:
sudo systemctl start iptables sudo systemctl start ip6tables
3. Activate the automatic start of the iptables service when starting the operating system:
sudo systemctl enable iptables sudo systemctl enable ip6tables
4. We check if the iptables service is running properly:
sudo systemctl status iptables sudo systemctl status ip6tables
The above command should return the result:
● iptables.service - IPv4 firewall with iptables Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled) Active: active (exited) since Thu 2020-07-09 07:02:51 UTC; 21min ago Main PID: 13765 (code=exited, status=0/SUCCESS) Jul 09 07:02:51 server.name systemd: Starting IPv4 firewall with iptables... Jul 09 07:02:51 server.name iptables.init: iptables: Applying firewall rules: [ OK ] Jul 09 07:02:51 server.name systemd: Started IPv4 firewall with iptables.
5. We check the rules in iptables with the command line:
sudo iptables -nvL sudo ip6tables -nvL
If you have reached this point, you have the service FirewallD off and off, and in its place is installed iptablesThat runs properly and can be administered by command syntaxes specific.