Problem
iptables is a firewall implemented by default in many Linux distributions. However, by default, iptables rules are not persistent: they will not survive reboots etc.
Solution
Below is one method for saving, restoring, and persisting iptables rules on several popular Linux distributions.
Making iptables rules persistent
Amazon Linux:
sudo chkconfig iptables on
sudo service iptables save
Debian/Ubuntu:
Install the iptables-persistent and netfilter-persistent packages:
sudo apt-get install iptables-persistent
sudo apt-get install netfilter-persistent
To save the current iptables rules to the persistent rules files, run the following:
sudo su
iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6
exit
Any iptables rules added to the files below will be persistent (across reboots etc.):
/etc/iptables/rules.v4
/etc/iptables/rules.v6 # for IPv6 rules
You can reload the rules from these files into iptables with:
sudo iptables-restore < /etc/iptables/rules.v4
sudo ip6tables-restore < /etc/iptables/rules.v6
The netfilter-persistent package provides the actual init.d service, which reloads the last saved iptables configuration. So, once the rules are saved (see above), start and enable the service with:
sudo systemctl start netfilter-persistent
sudo systemctl enable netfilter-persistent
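Because only the saved files are reloaded at boot, a rule changed at runtime and never saved disappears silently on the next reboot. The following added example (not part of the original article) compares a saved rules file against a dump of the running rules, ignoring timestamps and packet counters; the function names are hypothetical and the sample dumps are constructed.

```shell
#!/bin/sh
# Added example: report drift between persisted and running iptables rules.
# On a real host (as root):  iptables-save > /tmp/running.v4
#                            rules_drift /etc/iptables/rules.v4 /tmp/running.v4

# Remove parts of an iptables-save dump that change without a rule change:
# "# Generated/Completed" comments and [packets:bytes] counters.
normalize_rules() {
    sed -e '/^#/d' -e '/^$/d' \
        -e 's/^\(:[^ ]* [^ ]*\) \[[0-9]*:[0-9]*\]$/\1/' \
        -e 's/^\[[0-9]*:[0-9]*\] //' "$1"
}

# rules_drift SAVED RUNNING -> 0 if equivalent, 1 if they differ (diff is
# printed), 2 on error such as a missing file.
rules_drift() {
    _saved=$(mktemp) || return 2
    _running=$(mktemp) || { rm -f "$_saved"; return 2; }
    _rc=0
    if normalize_rules "$1" > "$_saved" && normalize_rules "$2" > "$_running"; then
        diff "$_saved" "$_running" || _rc=1
    else
        _rc=2
    fi
    rm -f "$_saved" "$_running"
    return "$_rc"
}

# Constructed sample dump (not captured from a real host).
# $1 = policy-line counters, $2 = timestamp, $3 = optional extra rule.
sample_dump() {
    printf '%s\n' "# Generated by iptables-save on $2" '*filter' \
        ":INPUT DROP [$1]" ":FORWARD DROP [$1]" ":OUTPUT ACCEPT [$1]" \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' \
        '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'
    [ -n "$3" ] && printf '%s\n' "$3"
    printf '%s\n' 'COMMIT' "# Completed on $2"
}

# Demo: same rules with new counters, then one rule added but never saved.
demo_dir=$(mktemp -d)
sample_dump 0:0 'Mon Jan  1 00:00:00 2024' > "$demo_dir/rules.v4"
sample_dump 1532:98211 'Tue Jan  2 09:30:00 2024' > "$demo_dir/same"
sample_dump 1532:98211 'Tue Jan  2 09:30:00 2024' \
    '-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT' > "$demo_dir/changed"
rules_drift "$demo_dir/rules.v4" "$demo_dir/same" && echo "same: in sync"
rules_drift "$demo_dir/rules.v4" "$demo_dir/changed" || echo "changed: drift, save or revert"
```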