Firewalld is a lightweight and popular command-line management solution for Linux servers. It manages the network traffic using the concept of zones. You can assign the network interfaces to zones using the predefined rules. You can configure the firewall to block and allow the services or ports associated with the application.
Permanently or temporarily enabling or disabling the firewalld is one of the essential related tasks to troubleshoot the server access. This guide sees how to enable/disable the firewall on Rocky Linux 9.
How to Enable/Disable the Firewall on Rocky Linux 9
RHEL-based distros like Fedora, Rocky Linux, CentOS, and AlmaLinux have an installed firewalld by default. First, use the following command to check the firewalld’s status:
You can also use any of the following commands to check the status of the firewalld:
sudo systemctl is-active firewalld
sudo systemctl is-active firewalld.service
sudo systemctl status firewalld.service
Disable the Firewall on Rocky Linux 9
You can stop the firewalld service on the Rocky Linux server using any of the following commands:
sudo service firewalld stop
sudo systemctl stop firewalld
After stopping the firewalld service, you will see that its services become inactive in the status information:
Once you disable the firewall, you must manually enable or restart the system.
In some cases, the security groups manage the firewall. In this situation, a firewall is not required on a host. Hence, you can permanently disable the firewalld service through the following command:
If you don’t want to go for multiple steps to stop and disable the firewalld service, you can also use a single command only:
The previous command uses the –now argument with the systemctl disable command to apply the changes to the runtime environment.
To prevent the firewalld services from the firewalld-bus interface or any other service from running, you can mask its services with the following command:
Now, your Firewall Daemon service is masked; you cannot enable it unless its services are unmasked. Masking the firewalld services means that no other service or process has the privilege to enable your firewall. Let’s check the status of the firewall:
Enable the Firewall on Rocky Linux 9
Since we masked the firewalld service in the previous method, it will no longer start automatically after restarting the system. Now, unmask the service first through the following command:
After unmasking the service, start the firewalld service using any of the following commands:
sudo systemctl start firewalld
If you want to check the status of the currently running firewall service, run the following command:
You can enable the firewall service permanently through the following command:
Similarly, you can run the single command to enable the firewalld service:
Skip the systemctl start firewall step. You can enable it by starting the firewalld service as soon as possible with the –now flag.
Finally, you can check the status to see that the firewalld service is enabled.
Conclusion
This is all about enabling and disabling the firewalld on Rocky Linux 9. The firewall protects your machine and system from unwanted external traffic. It enables you to define the rules to control and protect the incoming network traffic. You can block, deny, or allow the traffic by disabling the firewall in your system.
