====== Uninstall firewalld ======
rpm -e firewalld

====== Turn off network manager for interface(s) (to be able to use ifup-local script) ======
===== Edit /etc/sysconfig/network-scripts/ifcfg-<nic> =====
Add NM_CONTROLLED=no

====== Create script /sbin/ifup-local ======
<code>
set -o noclobber # So we don't accidentally overwrite existing file
cat << "EOF" > /sbin/ifup-local
#!/bin/sh

# Script to load FW rules when interface is brought up
EXTNIC=eth0
FWSCRIPT="/etc/fwbuilder.script"

if [ $# -ne 1 ]; then
  echo "Usage: $0: <nic>"
  exit 1
fi

if [ "$1" == "$EXTNIC" ]; then
  echo "Running FW script: $FWSCRIPT"
  exec "$FWSCRIPT"
fi
EOF
chmod +x /sbin/ifup-local
</code>