CentOS 7 firewall-cmd not found

Question

I have just installed CentOS 7:

[root@new ~]# cat /etc/redhat-release
CentOS Linux release 7.1.1503 (Core)

I am trying to configure the firewall, and I'm told that in CentOS 7 iptables is no longer used, replaced by firewalld. When attempting to run a command to set a firewall rule as such:

firewall-cmd --add-port=80/tcp

I receive the following message:

[root@new ~]# firewall-cmd --add-port=80/tcp
-bash: firewall-cmd: command not found

edit: I tried the following command, too:

[root@new ~]# firewall-offline-cmd --add-port=80/tcp
-bash: firewall-offline-cmd: command not found

without any success.

I tried running the following to check that firewalld was installed:

[root@new ~]# service firewalld status
Redirecting to /bin/systemctl status  firewalld.service
firewalld.service
   Loaded: not-found (Reason: No such file or directory)
   Active: inactive (dead)

Following this output, I tried starting firewalld:

[root@new ~]# service firewalld start
Redirecting to /bin/systemctl start  firewalld.service
Failed to issue method call: Unit firewalld.service failed to load: No such file or directory.

Any ideas what is wrong with the CentOS 7 install? This is a clean install on an OpenVZ VPS, I'm yet to make any changes at all.

@MichaelHampton... Biggest facepalm of the week so far... I assumed since the service commands didn't flatout return "not found" like I've seen on debian it was installed but not configured or something, but you're correct, looks like it isn't installed. — BnMcG, Jul 31 '15 at 21:42
OpenVZ's default CentOS template is not standard; it's heavily customized and stripped down. (The same is true of all their other templates.) If something is missing, try installing it. And stop using OpenVZ based VPS providers as soon as possible; you are only going to run into more problems later... — Michael Hampton, Jul 31 '15 at 21:43
@MichaelHampton Ah that makes sense thank you, I was wondering why it wasn't preinstalled by default. — BnMcG, Jul 31 '15 at 21:44

score 35 · Accepted Answer · answered Jul 31 '15 at 21:46

35

Two possible options

Your PATH does not contain /usr/bin
firewall-cmd is not installed
- yum install firewalld

answered Jul 31 '15 at 21:46

user9517

114,104
20
206
289

As commented above by @MichaelHampton OpenVZ's CentOS 7 template is stripped down and does not include firewalld by default. The answer is, of course, to install firewalld. – BnMcG Jul 31 '15 at 21:47

score 33 · Answer 2 · answered Nov 14 '15 at 20:23

33

Looks to me like you don't have it installed/enabled.

yum install firewalld
systemctl unmask firewalld
systemctl enable firewalld
systemctl start firewalld

answered Nov 14 '15 at 20:23

Fred Flint

618
7
6

This is essentially the same as the previous answer. – kasperd Nov 14 '15 at 21:27
10

This answer adds value by showing the commands to enable and start the service. I upvoted both answers. – isapir Mar 18 '16 at 16:33
Though TBH I just found that the service is `enabled` by default. – isapir Mar 18 '16 at 16:37

score -3 · Answer 3 · edited Mar 19 '17 at 13:20

-3

Try the GUI tool instead, this util ships default with centos 6/7. firewalld is deprecated after centos5

$ sudo system-config-firewall

or

# system-config-firewall

The system-config-firewall looks like this image

edited Mar 19 '17 at 13:20

chicks

3,639
10
26
36

answered Mar 15 '17 at 06:54

snehasys

1

3

This is backward. In CentOS 7, firewalld is the default and system-config-firewall is deprecated. – Michael Hampton Mar 15 '17 at 07:01
The solution in my case was to install firewalld, it doesn't come with the OpenVZ image. Also, a GUI tool isn't available (at least readily) on a headless server. – BnMcG Mar 16 '17 at 12:16

CentOS 7 firewall-cmd not found

3 Answers3

Linked