GNU/Linux >> Belajar Linux >  >> Cent OS

Cara Menghentikan/menonaktifkan Firewalld di CentOS/RHEL 8

Pertanyaan :Bagaimana cara menghentikan dan menonaktifkan firewalld (iptables di versi sebelumnya) di CentOS/RHEL 8?

Layanan iptables diganti dengan layanan firewalld di CentOS/RHEL 7. Perintah “iptables -L” akan mencantumkan kumpulan aturan yang ada di node.

# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
INPUT_direct all -- anywhere anywhere
INPUT_ZONES_SOURCE all -- anywhere anywhere
INPUT_ZONES all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER-ISOLATION all -- anywhere anywhere
DOCKER all -- anywhere anywhere
....

Perintah systemctl akan mencantumkan semua layanan yang berjalan di node. Saat memverifikasi layanan "iptables" tidak mengembalikan output apa pun. Service iptables diganti dengan nama “firewalld”

# systemctl | grep -i iptables
# systemctl | grep -i firewall
firewalld.service loaded active running firewalld - dynamic firewall daemon

Untuk memeriksa status layanan dapat menggunakan perintah di bawah ini:

# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2016-06-08 22:24:56 IST; 19s ago
Main PID: 18060 (firewalld)
CGroup: /system.slice/firewalld.service
└─18060 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Jun 08 22:24:56 geeklab-docker-TD systemd[1]: Starting firewalld - dynamic firewall daemon...
Jun 08 22:24:56 geeklab-docker-TD systemd[1]: Started firewalld - dynamic firewall daemon.

Layanan dapat dihentikan dengan perintah di bawah ini dan dapat memeriksa kembali statusnya:

# systemctl stop firewalld
# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Wed 2016-06-08 22:25:50 IST; 2s ago
Process: 18060 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 18060 (code=exited, status=0/SUCCESS)

Jun 08 22:24:56 geeklab-docker-TD systemd[1]: Starting firewalld - dynamic firewall daemon...
Jun 08 22:24:56 geeklab-docker-TD systemd[1]: Started firewalld - dynamic firewall daemon.
Jun 08 22:24:57 geeklab-docker-TD firewalld[18060]: 2016-06-08 22:24:57 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -t nat -C...name.
Jun 08 22:24:57 geeklab-docker-TD firewalld[18060]: 2016-06-08 22:24:57 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -t nat -C...in?).
Jun 08 22:24:57 geeklab-docker-TD firewalld[18060]: 2016-06-08 22:24:57 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -t nat -I...name.
Jun 08 22:25:49 geeklab-docker-TD systemd[1]: Stopping firewalld - dynamic firewall daemon...
Jun 08 22:25:50 geeklab-docker-TD systemd[1]: Stopped firewalld - dynamic firewall daemon.

Untuk menonaktifkan layanan pada boot berikutnya (chkconfig di OL6 dan sebelumnya), dapat menjalankan perintah di bawah ini. Dengan menjalankan file terkait, tautan akan dihapus dan tidak akan dirujuk di lain waktu.

# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: active (running) since Fri 2016-05-13 10:54:39 EDT; 1 months 3 days ago
Main PID: 582 (firewalld)
CGroup: /system.slice/firewalld.service
└─582 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

May 13 10:54:39 geeklab systemd[1]: Started firewalld - dynamic firewall daemon.
# systemctl disable firewalld
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
[root@geeklab ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
Active: active (running) since Fri 2016-05-13 10:54:39 EDT; 1 months 3 days ago
Main PID: 582 (firewalld)
CGroup: /system.slice/firewalld.service
└─582 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

May 13 10:54:39 geeklab systemd[1]: Started firewalld - dynamic firewall daemon.


Cent OS

  1. CentOS / RHEL 7 :Cara memulai / Menghentikan atau mengaktifkan / menonaktifkan Firewalld

  2. Cara menonaktifkan IPv6 di CentOS / RHEL 7

  3. Cara menonaktifkan layanan avahi-daemon di CentOS/RHEL

  1. Cara Menonaktifkan 'lvm2-lvmetad.socket/service' di CentOS/RHEL 7

  2. Cara Menonaktifkan Layanan rpc.quotad di CentOS/RHEL

  3. CentOS / RHEL 5, 6:cara menonaktifkan NetworkManager

  1. Hentikan dan Nonaktifkan Firewalld pada CentOS 7 - Proses Langkah demi Langkah?

  2. CentOS / RHEL 6,7 :Cara mengaktifkan atau menonaktifkan layanan XDMCP (GDM)

  3. Cara menonaktifkan IPv6 di CentOS / RHEL 5