CentOS – Disable Iptables Firewall – Linux

The iptables is a built in firewall in the most Linux distributions, including CentOS.

Sometimes it is required to stop the iptables for troubleshooting of the network related problems.

Also, if there are some troubles with the recently installed application – you may see on the related forums a suggestion to stop the firewall temporary in order to check if the application works fine without it.

From this article you’ll learn how to check the current status of the iptables firewall, and how to disable or enable it in CentOS.

Privileges: The below commands must be executed with root privileges.

Iptables Status

Cool Tip: Have disable the iptables but the needed application still doesn’t work? Try to disable SELinux! Read more →

Check the status of the iptables IPv4 firewall:

# service iptables status

Check the status of the iptables IPv6 firewall:

# service ip6tables status

Stop and Disable Iptables

Before stopping the iptables you should understand that it serves for security of the Linux system and if it is properly configured, it helps to protect server from the different network attacks.

Disabling the iptables is not a good idea if you definitely don’t realize what you are doing and why.

It is acceptable to stop and disable the iptables only if this is your local test machine and safety can be neglected or you have another configured firewall in front of it.

Stop and remove from autostart (disable) the iptables IPv4 firewall:

# service iptables save
# service iptables stop
# chkconfig iptables off

Stop and remove from autostart (disable) the iptables IPv6 firewall:

# service ip6tables save
# service ip6tables stop
# chkconfig ip6tables off

Start and Enable Iptables

Cool Tip: Make your server secure than ever! Install and configure fail2ban with iptables! Read more →

Start and add to autostart (enable) the iptables IPv4 firewall:

# service iptables start
# chkconfig iptables on

Start and add to autostart (enable) the iptables IPv6 firewall:

# service ip6tables start
# chkconfig ip6tables on