config set firewalld service status disabled
signal-event runlevel-adjust
do the trick 
I think the right command should be:
systemctl stop firewalld
systemctl disable firewalld
2 Likes
Also systemctl mask ... seems interesting. From systemctl manpage
mask NAME…
Mask one or more unit files, as specified on the command line. This will link these units to /dev/null, making it impossible to start them. This is a stronger version of disable, since it
prohibits all kinds of activation of the unit, including enablement and manual activation. Use this option with care. This honors the --runtime option to only mask temporarily until the next
reboot of the system. The --now option can be used to ensure that the units are also stopped.
However, since rc4 the firewalld.service unit is set disabled by Anaconda (same as NetworkManager). Pre-rc4 installations could see firewalld starting at boot, but shorewall immediately stops it (because of the Conflict= property).
Shall we add it to release notes? /cc @giacomo
1 Like
Yes, it works!
1 Like
new version of nethserver-fail2ban nethserver-fail2ban-0.1.3-2.ns7.sdl.noarch.rpm
firewalld is stopped and disabled
4 Likes