How To Disable Firewall On Linux – Stopping Firewall On Ubuntu

by

Turning off caps lock notifications in Windows stops the on-screen alert from appearing. But if you’re here, you probably need to know how to disable firewall on Linux instead. Maybe you’re troubleshooting a network issue, testing an application, or just need temporary access. Whatever the reason, disabling the firewall on Linux is a straightforward process once you understand the tools involved.

Linux systems typically use one of three main firewall tools: UFW (Uncomplicated Firewall), firewalld, or iptables. Each has its own commands and quirks. This guide covers all three, so you can handle any distribution you’re using. We’ll walk through the steps clearly, with no fluff.

Before we start, a quick warning: disabling your firewall leaves your system exposed to network threats. Only do this temporarily, and re-enable it as soon as your task is done. Now, let’s get into the details.

How To Disable Firewall On Linux

This section covers the exact steps for disabling the firewall on the most common Linux distributions. We’ll start with UFW, which is popular on Ubuntu and Debian-based systems. Then we’ll move to firewalld for CentOS, Fedora, and RHEL. Finally, we’ll cover iptables for older or minimal setups.

Disabling UFW On Ubuntu And Debian

UFW (Uncomplicated Firewall) is the default firewall frontend on Ubuntu. It’s simple to use, but you need to run commands with sudo privileges. Here’s how to turn it off:

  1. Open a terminal window. You can press Ctrl+Alt+T on most systems.
  2. Check the current status of UFW by running: 
    sudo ufw status

    This shows whether UFW is active or inactive.

  3. To disable UFW, enter: 
    sudo ufw disable

    You’ll see a message like “Firewall stopped and disabled on system startup.”

  4. Verify it’s off by running sudo ufw status again. The output should say “Status: inactive.”

That’s it. UFW is now disabled. But remember, this only affects the UFW frontend. If you have other firewall rules in place (like iptables), they may still be active. We’ll cover that later.

Re-enabling UFW

To turn UFW back on, use:

sudo ufw enable

This reactivates the firewall with your previous rules.

Disabling Firewalld On CentOS, Fedora, And RHEL

Firewalld is the default firewall service on Red Hat-based distributions. It uses zones and services to manage rules. To disable it, you need to stop the service and prevent it from starting at boot.

  1. Open a terminal.
  2. Check if firewalld is running: 
    sudo systemctl status firewalld

    Look for “active (running)” in the output.

  3. Stop the firewalld service: 
    sudo systemctl stop firewalld

    This halts the firewall immediately.

  4. Disable it from starting on boot: 
    sudo systemctl disable firewalld

    This prevents the service from starting automatically.

  5. Optionally, mask the service to prevent other services from starting it: 
    sudo systemctl mask firewalld

    Masking creates a symlink to /dev/null, making the service unstartable.

  6. Verify the status: 
    sudo systemctl status firewalld

    It should show “inactive (dead)” and “disabled.”

If you only want to stop firewalld temporarily without disabling it at boot, just run the stop command. The service will restart when you reboot.

Re-enabling Firewalld

To re-enable firewalld, run:

sudo systemctl unmask firewalld
sudo systemctl enable firewalld
sudo systemctl start firewalld

This restores the service to its default behavior.

Disabling Iptables Directly

Iptables is the low-level firewall tool that UFW and firewalld often manage. If you’re using a minimal Linux installation or a custom setup, you might need to disable iptables directly. This involves flushing all rules and setting the default policy to ACCEPT.

  1. Open a terminal.
  2. List current iptables rules: 
    sudo iptables -L -n -v

    This shows all rules in the filter table.

  3. Flush all rules: 
    sudo iptables -F

    This removes all existing rules.

  4. Set the default policy for all chains to ACCEPT: 
    sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT

    This ensures no packets are dropped.

  5. If you use ip6tables for IPv6, repeat the same commands with ip6tables instead of iptables.
  6. To make these changes permanent, you need to save the iptables rules. On Debian/Ubuntu, use: 
    sudo apt-get install iptables-persistent
sudo netfilter-persistent save

    On CentOS/RHEL, use:

    sudo service iptables save

    Or for systemd systems:

    sudo iptables-save > /etc/iptables/rules.v4

Flushing iptables rules doesn’t stop the iptables service itself; it just clears the rules. The kernel still has the netfilter framework active, but with no rules, it effectively allows all traffic.

Re-enabling Iptables

To restore iptables rules, you can reload the saved rules file. For example:

sudo iptables-restore < /etc/iptables/rules.v4

Or restart the iptables service if it's managed by systemd.

Verifying The Firewall Is Disabled

After disabling the firewall, you should verify that it's actually off. Here are a few ways to check:

  • For UFW: Run sudo ufw status. It should say "Status: inactive."
  • For firewalld: Run sudo systemctl status firewalld. Look for "inactive (dead)."
  • For iptables: Run sudo iptables -L -n. The output should show empty chains with default policy ACCEPT.
  • General network test: Try pinging an external server or accessing a service. If it works, the firewall is likely disabled.

If you still have connectivity issues after disabling the firewall, the problem might be elsewhere—like network configuration, routing, or SELinux/AppArmor.

Common Issues And Troubleshooting

Sometimes disabling the firewall doesn't go as planned. Here are a few common problems and solutions:

Firewall Keeps Re-enabling After Reboot

If your firewall comes back after a restart, you likely didn't disable it permanently. For systemd services like firewalld, make sure you ran sudo systemctl disable firewalld. For UFW, sudo ufw disable should persist across reboots. For iptables, you need to save the empty ruleset.

Permission Denied Errors

Most firewall commands require root privileges. Always use sudo before the command. If you get a "permission denied" error, check that your user has sudo access.

UFW Says "Command Not Found"

UFW might not be installed by default on all Ubuntu flavors. Install it with:

sudo apt-get install ufw

Then proceed with disabling.

Firewalld Says "Failed To Stop"

This can happen if another service depends on firewalld. Try masking it first, then stopping. If that fails, check system logs with journalctl -xe for details.

Security Considerations

Disabling your firewall is a security risk. Here's what you should keep in mind:

  • Only disable temporarily. Turn it back on as soon as your task is done.
  • Use a different approach if possible. Instead of disabling the firewall entirely, consider adding a rule to allow specific traffic. For example, with UFW: 
    sudo ufw allow from 192.168.1.100 to any port 22

    This opens SSH only for one IP address.

  • Monitor your system. While the firewall is off, watch for unusual network activity. Use tools like netstat or ss to check open ports.
  • Consider a network firewall. If you're on a corporate network, the network firewall might still protect you. But don't rely on that alone.

Alternative Methods For Specific Distributions

Some Linux distributions have unique firewall tools. Here's a quick rundown:

OpenSUSE

OpenSUSE uses SuSEfirewall2 or firewalld. To disable SuSEfirewall2:

sudo systemctl stop SuSEfirewall2
sudo systemctl disable SuSEfirewall2

For firewalld, use the same commands as CentOS.

Arch Linux

Arch Linux doesn't have a default firewall. If you installed one (like iptables or nftables), disable it manually. For iptables:

sudo systemctl stop iptables
sudo systemctl disable iptables

For nftables:

sudo systemctl stop nftables
sudo systemctl disable nftables

Gentoo

Gentoo users often manage firewalls manually. Check which service is running with rc-update show. Stop and remove the service from default runlevel.

Using Nftables Instead Of Iptables

Modern Linux distributions are moving to nftables as a replacement for iptables. If your system uses nftables, the commands are different. To disable nftables:

  1. List current rules: 
    sudo nft list ruleset
  2. Flush all rules: 
    sudo nft flush ruleset
  3. Stop the nftables service: 
    sudo systemctl stop nftables
  4. Disable it at boot: 
    sudo systemctl disable nftables

To re-enable, start the service and reload your ruleset.

Automating Firewall Disable With Scripts

If you need to disable the firewall frequently, you can create a simple script. Here's an example for UFW:

#!/bin/bash
# Disable UFW firewall
sudo ufw disable
echo "UFW firewall has been disabled."

Save it as disable_firewall.sh, make it executable with chmod +x disable_firewall.sh, and run it with sudo ./disable_firewall.sh. Adjust the commands for firewalld or iptables as needed.

Frequently Asked Questions

How Do I Disable The Firewall On Linux Permanently?

To disable it permanently, you need to stop the firewall service and disable it from starting at boot. For UFW, use sudo ufw disable. For firewalld, use sudo systemctl disable firewalld. For iptables, flush rules and save the empty ruleset.

Is It Safe To Disable The Firewall On Linux?

No, it's not safe for long-term use. Disabling the firewall exposes your system to network attacks. Only do it temporarily for troubleshooting or testing, and re-enable it immediately afterward.

How Do I Check If The Firewall Is Disabled On Linux?

Use the appropriate status command: sudo ufw status for UFW, sudo systemctl status firewalld for firewalld, or sudo iptables -L -n for iptables. An inactive status or empty rules indicates the firewall is off.

Can I Disable The Firewall Without Using The Command Line?

Some desktop environments offer GUI tools. For example, Ubuntu has "GUFW" (Graphical UFW). You can install it with sudo apt-get install gufw and disable the firewall from there. However, the command line is more reliable and universal.

What Happens If I Disable The Firewall On A Server?

Disabling the firewall on a server leaves it vulnerable to unauthorized access. Attackers can scan for open ports and exploit services. Always use a network firewall or restrict access via other means if you must disable the local firewall.

Conclusion

Disabling the firewall on Linux is a simple process once you know your system's tool. Whether you're using UFW, firewalld, or iptables, the steps are clear and easy to follow. Just remmeber to re-enable the firewall when you're done. Your system's security depends on it.

If you run into any issues, refer back to the troubleshooting section or check your distribution's documentation. And if you're still unsure, ask your system administrator for help. Stay safe out there.