Fedora Firewall Changes

There’s another networking change that I’ve discovered in Fedora: the replacement of /etc/sysconfig/iptables (and the IPv6 equivalent) with Firewalld. From reading the Firewalld documentation I can appreciate the use case for laptop and desktop users; however, my main interest is servers (not that I’d recommend running Fedora as an OS for production servers), so I’d rather revert to a static firewall system. Here’s how to make that change:

yum install iptables-services
systemctl mask firewalld.service
systemctl enable iptables.service
systemctl enable ip6tables.service

At this point you should edit /etc/sysconfig/iptables-config and /etc/sysconfig/ip6tables-config to lock down your system. Once you’re happy with the static firewall rules:

systemctl stop firewalld.service
systemctl start iptables.service
systemctl start ip6tables.service
yum remove firewalld

Notice that there is a small window of vulnerability between stopping Firewalld and starting the iptables services.
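
Because the iptables services take over as soon as Firewalld stops, it is worth confirming that the static rules are default-deny before making the switch. The following is an added example, not part of the original post: it assumes the rules are kept in iptables-save format (as in /etc/sysconfig/iptables), and the function name check_ruleset and the sample rule files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): lint an iptables-save format
# rules file before switching from firewalld to iptables.service.
# Returns 0 if the filter table's INPUT chain is default-deny, 1 if it is
# open, 2 if the filter table is missing or not terminated by COMMIT.
check_ruleset() {
    awk '
        /^[*]/            { table = substr($1, 2); next }  # "*filter", "*nat"
        table != "filter" { next }                         # only the filter table
        /^:INPUT /        { policy = $2; next }            # ":INPUT DROP [0:0]"
        /^-A INPUT /      { last = $0; next }              # remember final rule
        /^COMMIT/         { committed = 1; table = "" }
        END {
            if (!committed)       { print "FAIL: no committed filter table"; exit 2 }
            if (policy == "DROP") { print "OK: INPUT policy is DROP"; exit 0 }
            if (last ~ /^-A INPUT -j (DROP|REJECT)( |$)/) {
                print "OK: INPUT ends with catch-all: " last; exit 0
            }
            print "FAIL: INPUT policy " policy " with no catch-all DROP/REJECT"
            exit 1
        }
    ' "$1"
}

# Constructed sample rule files (assumptions, not the author's rules).
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/locked" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
cat > "$SAMPLES/open" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
printf '*filter\n:INPUT DROP [0:0]\n' > "$SAMPLES/truncated"

for f in locked open truncated; do
    check_ruleset "$SAMPLES/$f" || true
done
```

This only inspects the text of the file; on the host itself, iptables-restore --test < /etc/sysconfig/iptables (and the ip6tables-restore equivalent) parses the rules without committing them.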