I don't see the point in leaving firewall* packages installed if you have switched to using iptables or nftables. It just creates confusion for anyone that comes along later and has to work out what's in use.
I'd just yum remove firewall\* and then read what it says it's going to do before replying Y.
Using Zones in Firewalld to Block Outbound Access
Re: Using Zones in Firewalld to Block Outbound Access
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 7
- Joined: 2023/09/08 16:00:39
Re: Using Zones in Firewalld to Block Outbound Access
jlehtone wrote: ↑2023/09/13 14:45:36Do show output of systemctl status firewalldyildizabdullah wrote: ↑2023/09/12 13:37:59Is there any side effect of leaving the state of the firewalld.service as it is?
Code: Select all
# systemctl status firewalld
● firewalld.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)
Sep 13 22:24:17 centos7-server systemd[1]: Cannot add dependency job f....
Sep 13 22:24:17 centos7-server systemd[1]: Cannot add dependency job f....
Sep 13 22:24:17 centos7-server systemd[1]: Cannot add dependency job f....
Sep 13 22:24:17 centos7-server systemd[1]: Cannot add dependency job f....
Sep 13 22:24:17 centos7-server systemd[1]: Cannot add dependency job f....
Sep 13 22:24:17 centos7-server systemd[1]: Cannot add dependency job f....
Sep 13 22:24:18 centos7-server systemd[1]: Cannot add dependency job f....
Sep 13 22:24:18 centos7-server systemd[1]: Cannot add dependency job f....
Sep 13 22:24:20 centos7-server systemd[1]: Cannot add dependency job f....
Sep 13 22:36:37 centos7-server systemd[1]: Cannot add dependency job f....
Warning: firewalld.service changed on disk. Run 'systemctl daemon-reload' to reload units.
Hint: Some lines were ellipsized, use -l to show in full.
Re: Using Zones in Firewalld to Block Outbound Access
You could run that systemctl daemon-reload as the output suggests.
The firewalld.service seems to be masked, so everything should be ok.
I do agree with Trevor that complete removal of FirewallD is the most clean option.
The removal of firewall* on CentOS 7 system probably removes:
firewall-applet, firewall-config, firewalld, firewalld-filesystem
and packages that require those, e.g.
anaconda-core, anaconda-gui, anaconda-tui, initial-setup, initial-setup-gui
The anaconda and initial-setup were used only on initial install of the system, so it should be ok to remove the firewalld.
Unless in your system some more important packages would get removed ...
The firewalld.service seems to be masked, so everything should be ok.
I do agree with Trevor that complete removal of FirewallD is the most clean option.
The removal of firewall* on CentOS 7 system probably removes:
firewall-applet, firewall-config, firewalld, firewalld-filesystem
and packages that require those, e.g.
anaconda-core, anaconda-gui, anaconda-tui, initial-setup, initial-setup-gui
The anaconda and initial-setup were used only on initial install of the system, so it should be ok to remove the firewalld.
Unless in your system some more important packages would get removed ...
-
- Posts: 7
- Joined: 2023/09/08 16:00:39
Re: Using Zones in Firewalld to Block Outbound Access
Thank you for your support.jlehtone wrote: ↑2023/09/14 06:53:05You could run that systemctl daemon-reload as the output suggests.
The firewalld.service seems to be masked, so everything should be ok.
I do agree with Trevor that complete removal of FirewallD is the most clean option.
The removal of firewall* on CentOS 7 system probably removes:
firewall-applet, firewall-config, firewalld, firewalld-filesystem
and packages that require those, e.g.
anaconda-core, anaconda-gui, anaconda-tui, initial-setup, initial-setup-gui
The anaconda and initial-setup were used only on initial install of the system, so it should be ok to remove the firewalld.
Unless in your system some more important packages would get removed ...