Recently I started a CentOS 8 VM on my OpenStack setup. When trying to configure firewall rules using firewall-cmd, encountered the error “firewall-cmd: command not found“. Below is the complete error:
# firewall-cmd bash: firewall-cmd: command not found
Firewall-cmd Command
Firewall-cmd is a CLI from the firewalld package to dynamically manage the firewall.
How to fix firewall-cmd: command not found on CentOS 8
To solve the above error, let’s find out which is the corresponding package that provides the firewall-cmd command.
# dnf whatprovides firewall-cmd Last metadata expiration check: 2:52:34 ago on Fri 11 Feb 2022 12:26:20 PM IST. firewalld-0.9.3-11.el8.noarch : A firewall daemon with D-Bus interface providing a dynamic firewall Repo : baseos Matched from: Filename : /usr/bin/firewall-cmd
From the above command, it is clear that firewalld package provides the firewall-cmd command which is from the BaseOS repository.
How to install firewalld on CentOS 8
Let’s install the firewalld package
# dnf in firewalld -y Last metadata expiration check: 2:55:27 ago on Fri 11 Feb 2022 12:26:20 PM IST. Dependencies resolved. ============================================================================================================================================================================================================================================= Package Architecture Version Repository Size ============================================================================================================================================================================================================================================= Installing: firewalld noarch 0.9.3-11.el8 baseos 503 k Installing dependencies: firewalld-filesystem noarch 0.9.3-11.el8 baseos 78 k ipset x86_64 7.1-1.el8 baseos 45 k ipset-libs x86_64 7.1-1.el8 baseos 71 k iptables x86_64 1.8.4-22.el8 baseos 584 k iptables-ebtables x86_64 1.8.4-22.el8 baseos 72 k libnetfilter_conntrack x86_64 1.0.6-5.el8 baseos 65 k libnfnetlink x86_64 1.0.1-13.el8 baseos 33 k libnftnl x86_64 1.1.5-5.el8 baseos 83 k nftables x86_64 1:0.9.3-24.el8 baseos 323 k python3-firewall noarch 0.9.3-11.el8 baseos 433 k python3-nftables x86_64 1:0.9.3-24.el8 baseos 29 k Transaction Summary ============================================================================================================================================================================================================================================= Install 12 Packages Total download size: 2.3 M Installed size: 7.4 M Downloading Packages: (1/12): ipset-7.1-1.el8.x86_64.rpm 8.6 kB/s | 45 kB 00:05 (2/12): firewalld-filesystem-0.9.3-11.el8.noarch.rpm 14 kB/s | 78 kB 00:05 (3/12): ipset-libs-7.1-1.el8.x86_64.rpm 570 kB/s | 71 kB 00:00 (4/12): iptables-ebtables-1.8.4-22.el8.x86_64.rpm 1.0 MB/s | 72 kB 00:00 (5/12): firewalld-0.9.3-11.el8.noarch.rpm 90 kB/s | 503 kB 00:05 (6/12): iptables-1.8.4-22.el8.x86_64.rpm 2.1 MB/s | 584 kB 00:00 (7/12): libnfnetlink-1.0.1-13.el8.x86_64.rpm 487 kB/s | 33 kB 00:00 (8/12): libnftnl-1.1.5-5.el8.x86_64.rpm 1.6 MB/s | 83 kB 00:00 (9/12): python3-firewall-0.9.3-11.el8.noarch.rpm 6.8 MB/s | 433 kB 00:00 (10/12): libnetfilter_conntrack-1.0.6-5.el8.x86_64.rpm 203 kB/s | 65 kB 00:00 (11/12): python3-nftables-0.9.3-24.el8.x86_64.rpm 594 kB/s | 29 kB 00:00 (12/12): nftables-0.9.3-24.el8.x86_64.rpm 2.1 MB/s | 323 kB 00:00 --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 203 kB/s | 2.3 MB 00:11 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : libnftnl-1.1.5-5.el8.x86_64 1/12 Running scriptlet: libnftnl-1.1.5-5.el8.x86_64 1/12 Installing : libnfnetlink-1.0.1-13.el8.x86_64 2/12 Running scriptlet: libnfnetlink-1.0.1-13.el8.x86_64 2/12 Installing : libnetfilter_conntrack-1.0.6-5.el8.x86_64 3/12 Running scriptlet: libnetfilter_conntrack-1.0.6-5.el8.x86_64 3/12 Running scriptlet: iptables-1.8.4-22.el8.x86_64 4/12 Installing : iptables-1.8.4-22.el8.x86_64 4/12 Running scriptlet: iptables-1.8.4-22.el8.x86_64 4/12 Installing : iptables-ebtables-1.8.4-22.el8.x86_64 5/12 Running scriptlet: iptables-ebtables-1.8.4-22.el8.x86_64 5/12 Installing : nftables-1:0.9.3-24.el8.x86_64 6/12 Running scriptlet: nftables-1:0.9.3-24.el8.x86_64 6/12 Installing : python3-nftables-1:0.9.3-24.el8.x86_64 7/12 Installing : python3-firewall-0.9.3-11.el8.noarch 8/12 Installing : ipset-libs-7.1-1.el8.x86_64 9/12 Running scriptlet: ipset-libs-7.1-1.el8.x86_64 9/12 Installing : ipset-7.1-1.el8.x86_64 10/12 Installing : firewalld-filesystem-0.9.3-11.el8.noarch 11/12 Installing : firewalld-0.9.3-11.el8.noarch 12/12 Running scriptlet: firewalld-0.9.3-11.el8.noarch 12/12 Verifying : firewalld-0.9.3-11.el8.noarch 1/12 Verifying : firewalld-filesystem-0.9.3-11.el8.noarch 2/12 Verifying : ipset-7.1-1.el8.x86_64 3/12 Verifying : ipset-libs-7.1-1.el8.x86_64 4/12 Verifying : iptables-1.8.4-22.el8.x86_64 5/12 Verifying : iptables-ebtables-1.8.4-22.el8.x86_64 6/12 Verifying : libnetfilter_conntrack-1.0.6-5.el8.x86_64 7/12 Verifying : libnfnetlink-1.0.1-13.el8.x86_64 8/12 Verifying : libnftnl-1.1.5-5.el8.x86_64 9/12 Verifying : nftables-1:0.9.3-24.el8.x86_64 10/12 Verifying : python3-firewall-0.9.3-11.el8.noarch 11/12 Verifying : python3-nftables-1:0.9.3-24.el8.x86_64 12/12 Installed: firewalld-0.9.3-11.el8.noarch firewalld-filesystem-0.9.3-11.el8.noarch ipset-7.1-1.el8.x86_64 ipset-libs-7.1-1.el8.x86_64 iptables-1.8.4-22.el8.x86_64 iptables-ebtables-1.8.4-22.el8.x86_64 libnetfilter_conntrack-1.0.6-5.el8.x86_64 libnfnetlink-1.0.1-13.el8.x86_64 libnftnl-1.1.5-5.el8.x86_64 nftables-1:0.9.3-24.el8.x86_64 python3-firewall-0.9.3-11.el8.noarch python3-nftables-1:0.9.3-24.el8.x86_64 Complete!
Start firewalld and enable it to auto-start at the system boot.
# systemctl start firewalld # systemctl enable firewalld
Check the status of firewalld running.
# systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2022-02-11 15:23:58 IST; 43s ago Docs: man:firewalld(1) Main PID: 99066 (firewalld) Tasks: 2 (limit: 23558) Memory: 23.8M CGroup: /system.slice/firewalld.service └─99066 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork --nopid Feb 11 15:23:57 centos8.local systemd[1]: Starting firewalld - dynamic firewall daemon... Feb 11 15:23:58 centos8.local systemd[1]: Started firewalld - dynamic firewall daemon.
Now you can run the firewall-cmd to configure the rules.
# firewall-cmd --zone=public --add-port=80/tcp --permanent success # firewall-cmd --reload success
