How to Start and Enable Firewalld on CentOS 7

Posted on August 9, 2019 by Ronald Caldwell | Updated: December 1, 2021

Category: Tutorials | Tags: CentOS, CentOS 7, Firewall, Firewalld, Security, Systemctl, Systemd

Reading Time: 2 minutes

What is Firewalld?

Firewalld is a dynamically-managed, Linux-based firewall management tool that supports network/firewall zones. These zones define the level of trust for network connections or interfaces.

Firewalld supports IPv4 and IPv6 firewall settings, ethernet bridges, and IP sets. In addition, it allows services or applications to add firewall rules directly through the provided interface. The changes happen immediately without restarting the service or the use of a daemon.

A best practice is to have a firewall protecting your server. It provides the ability to control traffic flow to and from your server or hosting environment, giving you additional security. Firewalld allows the benefit of a firewall without the need to deploy physical hardware.

In this article, we discuss how to start and enable firewalld.

Requirements

Linux server running CentOS 7. This tutorial uses a Liquid Web Self-Managed CentOS 7 VPS.
Root level access to the server as this tutorial runs all commands as root.

Install Firewalld

To install Firewalld on systems using the Yellow Dog Updater, Modified (YUM) package manager, use the following command.

yum install firewalld

Enable Firewalld

To enable firewalld, run the following command.

systemctl enable firewalld

Start Firewalld

To start firewalld, run the following command.

systemctl start firewalld

Check the Status of Firewalld

To check the status of firewalld, run the following command.

systemctl status firewalld

Error Starting Firewalld

There are instances when the server throws an error when starting Firewalld.

systemctl start firewalld
Failed to start firewalld.service: Unit is masked.

If you run into this error, you must unmask firewalld.service. Run the following command to unmask the service.

systemctl unmask firewalld
Removed symlink /etc/systemd/system/firewalld.service.

Once completed, proceed to enable, start, and check the status of Firewalld.

Wrapping Up

Firewalld provides the security your server needs without additional hardware. Installing and enabling the service from the command line is not a difficult task and provides peace of mind and additional security to your infrastructure.

Liquid Web offers 24/7/365 support with managed hosting options, so you don’t have to be a systems administrator. Contact our sales team to discuss your options and get started today.

About the Author: Ronald Caldwell

Ron is a Technical Writer at Liquid Web working with the Marketing team. He has 9+ years of experience in Technology. He obtained an Associate of Science in Computer Science from Prairie State College in 2015. He is happily married to his high school sweetheart and lives in Michigan with her and their children.