All Products
Search
Document Center

:Enable or disable the system firewall function for Linux instances

Last Updated:Nov 10, 2023

Note

Disclaimer: this article may be contributed by the community or involve third-party product information, we recommend that you visit the community or the official website of third-party products for help and support. Third-party products will not be provided by Alibaba Cloud after-sales support. This document is for reference only. Alibaba Cloud makes no guarantee by express or any other means.

Introduction

Firewall is a technology that can help computers build a relatively isolated protective barrier between the internal network and the external network, thus protecting data information. If a firewall is enabled on the instance and you have configured security group rules to deny external access to the instance, you may fail to access the instance. This article describes how to enable or disable system firewall in Linux.

Detail

Note

Alibaba Cloud reminds you that:

  • Before you perform operations that may cause risks, such as modifying instance configurations or data, we recommend that you check the disaster recovery and fault tolerance capabilities of the instances to ensure data security.
  • You can modify the configurations and data of instances including but not limited to Elastic Compute Service (ECS) and Relational Database Service (RDS) instances. Before the modification, we recommend that you create snapshots or enable RDS log backup.
  • If you have authorized or submitted sensitive information such as the logon account and password in the Alibaba Cloud Management Console, we recommend that you modify such information in a timely manner.

Linux there are different release versions, and the command to enable or disable the system firewall varies in different release versions, match the following release commands based on the on-site environment.

CentOS 5/CentOS 6

The following table describes how to enable and disable the firewall and view the firewall running status in the CentOS 5 and CentOS 6 operating systems.

  • Activate Cloud Firewall
    service iptables start
  • Disable the firewall.
    service iptables stop
  • View firewall running status
    service iptables status

CentOS 7/Red Hat 7/Alibaba Cloud Linux 2

On CentOS 7, Red Hat, and Alibaba Cloud Linux 2 System: For more information about how to enable and disable the firewall and view the firewall running status, see the following information:

  • Activate Cloud Firewall
    systemctl start firewalld.service
  • Disable the firewall.
    systemctl stop firewalld.service
  • View firewall running status
    firewall-cmd --state

Ubuntu

In the Ubuntu operating system, the following information can be used to enable and disable the firewall and view the firewall running Status:

  • Activate Cloud Firewall
    ufw enable
  • Disable the firewall.
    ufw disable
  • View firewall running status
    ufw status

Debian

Debian does not have a firewall installed by default. You can clear the firewall policies and delete the corresponding blocking rules. To configure a dependency between the two tasks, follow these steps:

Note

Note: you must back up the firewall policy before clearing it.

  1. Run the following commands in sequence to back up the firewall policy:
    touch [$Iptables]
    iptables-save > [$Iptables]
    
    Note

    Note:[$Iptables] is the backup file address of the firewall policy.

  2. Run the following command to clear the firewall policy:
    iptables -F

References

Application scope

  • Elastic Compute Service