Salta al contenuto principale

CentOS 7 - Networking Support • Re: Using Zones in Firewalld to Block Outbound Access

The postinstall script of package 'iptables-services' does do some "systemctl preset".
I'd guess that those "presets" change what services can run.
(Plain "yum install" does not stop firewalld; I guess the effect would show on next restart.)

One can enforce that an installed service does cannot run by masking it:
systemctl mask firewalld.service

(It is possible to start a disabled service, but the mask blocks even that.)

Statistics: Posted by jlehtone — 2023/09/11 15:58:44