GNU/Linux >> Linux Esercitazione >  >> Cent OS

Come arrestare/disabilitare Firewalld su CentOS/RHEL 8

Domanda :Come fermare e disabilitare firewalld (iptables nella versione precedente) in CentOS/RHEL 8?

Il servizio iptables viene sostituito con il servizio firewalld in CentOS/RHEL 7. Il comando "iptables -L" elencherà l'insieme di regole in vigore sul nodo.

# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
INPUT_direct all -- anywhere anywhere
INPUT_ZONES_SOURCE all -- anywhere anywhere
INPUT_ZONES all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER-ISOLATION all -- anywhere anywhere
DOCKER all -- anywhere anywhere
....

Il comando systemctl elencherà tutti i servizi in esecuzione sul nodo. Durante la verifica del servizio "iptables" non ripristina alcun output. Il servizio iptables è sostituito dal nome “firewalld”

# systemctl | grep -i iptables
# systemctl | grep -i firewall
firewalld.service loaded active running firewalld - dynamic firewall daemon

Per verificare lo stato del servizio è possibile utilizzare il comando seguente:

# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2016-06-08 22:24:56 IST; 19s ago
Main PID: 18060 (firewalld)
CGroup: /system.slice/firewalld.service
└─18060 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Jun 08 22:24:56 geeklab-docker-TD systemd[1]: Starting firewalld - dynamic firewall daemon...
Jun 08 22:24:56 geeklab-docker-TD systemd[1]: Started firewalld - dynamic firewall daemon.

Il servizio può essere interrotto dal comando seguente e può ricontrollare lo stato:

# systemctl stop firewalld
# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Wed 2016-06-08 22:25:50 IST; 2s ago
Process: 18060 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 18060 (code=exited, status=0/SUCCESS)

Jun 08 22:24:56 geeklab-docker-TD systemd[1]: Starting firewalld - dynamic firewall daemon...
Jun 08 22:24:56 geeklab-docker-TD systemd[1]: Started firewalld - dynamic firewall daemon.
Jun 08 22:24:57 geeklab-docker-TD firewalld[18060]: 2016-06-08 22:24:57 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -t nat -C...name.
Jun 08 22:24:57 geeklab-docker-TD firewalld[18060]: 2016-06-08 22:24:57 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -t nat -C...in?).
Jun 08 22:24:57 geeklab-docker-TD firewalld[18060]: 2016-06-08 22:24:57 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -t nat -I...name.
Jun 08 22:25:49 geeklab-docker-TD systemd[1]: Stopping firewalld - dynamic firewall daemon...
Jun 08 22:25:50 geeklab-docker-TD systemd[1]: Stopped firewalld - dynamic firewall daemon.

Per disabilitare il servizio al prossimo avvio (chkconfig in OL6 e precedenti), è possibile eseguire il comando seguente. Eseguendo il relativo file i collegamenti vengono rimossi e non verranno indirizzati la prossima volta.

# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: active (running) since Fri 2016-05-13 10:54:39 EDT; 1 months 3 days ago
Main PID: 582 (firewalld)
CGroup: /system.slice/firewalld.service
└─582 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

May 13 10:54:39 geeklab systemd[1]: Started firewalld - dynamic firewall daemon.
# systemctl disable firewalld
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
[root@geeklab ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
Active: active (running) since Fri 2016-05-13 10:54:39 EDT; 1 months 3 days ago
Main PID: 582 (firewalld)
CGroup: /system.slice/firewalld.service
└─582 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

May 13 10:54:39 geeklab systemd[1]: Started firewalld - dynamic firewall daemon.


Cent OS

  1. CentOS / RHEL 7:come avviare/arrestare o abilitare/disabilitare Firewalld

  2. Come disabilitare IPv6 su CentOS / RHEL 7

  3. Come disabilitare firewalld e passare a iptables in CentOS / RHEL 7

  4. Come disabilitare "lvm2-lvmetad.socket/service" su CentOS/RHEL 7

  5. Come disabilitare il servizio rpc.quotad in CentOS/RHEL 6 e 7

Come arrestare/avviare il firewall su RHEL 8 / CentOS 8

Come fermare e disabilitare Firewall su CentOS 7

Come fermare e disabilitare il firewall su CentOS 8

Come disabilitare IPv6 su CentOS 7 / RHEL 7

Come disabilitare il servizio rpc.quotad in CentOS/RHEL

CentOS / RHEL 5, 6:come disabilitare NetworkManager