Like most other Linux distributions, CentOS 7 uses the netfilter framework inside the Linux kernel in order to access packets that flow through the network stack. This provides the necessary interface to inspect and manipulate packets in order to implement a firewall system.

Most distributions use the iptables firewall, which uses the netfilter hooks to enforce firewall rules. CentOS 7 comes with an alternative service called firewalld which fulfills this same purpose.

While firewalld is a very capable firewall solution with great features, it may be easier for some users to stick with iptables if they are comfortable with its syntax and happy with its behavior and performance. The iptables command is actually used by firewalld itself, but the iptables service is not installed on CentOS 7 by default. In this guide, we’ll demonstrate how to install the iptables service on CentOS 7 and migrate your firewall from firewalld to iptables (check out this guide if you’d like to learn how to use FirewallD instead).