How to enable iptables (instead of firewalld) services on RHEL 7 and Fedora 18?

Question

The newest fedora has firewalld as new firewall aplication. I liked old iptables services. I want them back but have no idea how to do that. I have tried :

systemctl disable firewalld.service
systemctl stop firewalld.service
systemctl enable iptables.service
systemctl enable ip6tables.service
systemctl start iptables.service
systemctl start ip6tables.service

But it does not work! Didn't find any help on wiki or google.

Disabling firewalld work ok, but when I'm trying to enable iptables.service I get:

systemctl enable iptables.service
Failed to issue method call: No such file or directory

Answer 1

Make sure you have the iptables-services package installed. This legacy package provides the systemd scripts for the previous iptables invocation. This package is not always installed, depending on your installation choices when you installed (or upgraded).

yum install iptables-services

And of course, if possible, you should use the new firewalld system. It should only be necessary to revert to the old system if firewalld fails to provide a feature you need.

Answer 2

This can be tricky.

Definitely

# yum install iptables-services
# systemctl start iptables
# systemctl enable iptables
# iptables -P INPUT ACCEPT
# iptables -F  # the policy is so you don't cut yourself off here
# ...
# ...  (iptables policies and rules as desired)
# iptables -P INPUT DROP # assumes you have input filters to keep ports open (optional)
# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]

then you have the persistent firewall rules.... BUT

consider well before veering from qfirewalldq. If you plan to use docker and containers, or Nessus, for now you have no choice, but firewalld does play well with most platforms/apps.