What is Firewalld?
Firewalld is a dynamically-managed, Linux-based firewall management tool that supports network/firewall zones. These zones define the level of trust for network connections or interfaces.
Firewalld supports IPv4 and IPv6 firewall settings, ethernet bridges, and IP sets. In addition, it allows services or applications to add firewall rules directly through the provided interface. The changes happen immediately without restarting the service or the use of a daemon.
A best practice is to have a firewall protecting your server. It provides the ability to control traffic flow to and from your server or hosting environment, giving you additional security. Firewalld allows the benefit of a firewall without the need to deploy physical hardware.
In this article, we discuss how to start and enable firewalld.
- Linux server running CentOS 7. This tutorial uses a Liquid Web Self-Managed CentOS 7 VPS.
- Root level access to the server as this tutorial runs all commands as root.
To install Firewalld on systems using the Yellow Dog Updater, Modified (YUM) package manager, use the following command.
yum install firewalld
To enable firewalld, run the following command.
systemctl enable firewalld
To start firewalld, run the following command.
systemctl start firewalld
Check the Status of Firewalld
To check the status of firewalld, run the following command.
systemctl status firewalld
Error Starting Firewalld
There are instances when the server throws an error when starting Firewalld.
systemctl start firewalld Failed to start firewalld.service: Unit is masked.
If you run into this error, you must unmask firewalld.service. Run the following command to unmask the service.
systemctl unmask firewalld Removed symlink /etc/systemd/system/firewalld.service.
Once completed, proceed to enable, start, and check the status of Firewalld.
Firewalld provides the security your server needs without additional hardware. Installing and enabling the service from the command line is not a difficult task and provides peace of mind and additional security to your infrastructure.
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.