The iptables command on Linux sets the rules that the built-in Linux firewall follows when filtering packets flowing through the system. The iptables command applies to IPv4 packets and the ip6tables command applies to IPv6 packets. When you modify your setup, you can save the rules using the iptables-save command for IPv4 and ip6tables-save for IPv6.
On Debian or Ubuntu systems you would therefore do this for IPv4:
iptables-save > /etc/iptables/rules.v4
And this for IPv6:
ip6tables-save > /etc/iptables/rules.v6
And the same for Red Hat Enterprise Linux or CentOS:
iptables-save > /etc/sysconfig/iptables
ip6tables-save > /etc/sysconfig/ip6tables
Then you would use the iptables-restore command to restore the saved rules:
iptables-restore < /etc/iptables/rules.v4
Manually restoring your own rules every time you boot the system may be a chore. Luckily there is an easy way to do this automatically. On Debian or Ubuntu just use the iptables-persistent package:
apt-get install iptables-persistent
If you saved your rules in /etc/iptables/rules.v4 as specified above, they will load automatically on every boot.
For RHEL or CentOS systems you can simply enable the iptables service:
chkconfig iptables on
And make sure your rules are saved:
service iptables save
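The save commands above redirect straight into the rules file, and the shell truncates that file before iptables-save runs, so a failed save leaves an empty or partial ruleset to be loaded at the next boot. The following is an added example, not part of the original post: it writes to a temporary file, checks that every table is closed by COMMIT, and only then replaces the destination. The function names save_rules and rules_complete are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): replace the rules file only
# when the save command succeeded and its output is complete.
# Usage: save_rules iptables-save  /etc/iptables/rules.v4
#        save_rules ip6tables-save /etc/iptables/rules.v6

# rules_complete FILE
# Succeeds only if FILE contains at least one "*table" section and every
# section is closed by a "COMMIT" line, as iptables-save writes them.
rules_complete() {
    awk '
        /^\*/      { if (intable) bad = 1; intable = 1; tables++ }
        /^COMMIT$/ { if (!intable) bad = 1; intable = 0 }
        END        { exit (bad || intable || tables == 0) ? 1 : 0 }
    ' "$1"
}

# save_rules SAVE_COMMAND DESTINATION
save_rules() {
    save_cmd=$1
    dest=$2
    # Temporary file beside the destination, so the final mv is a rename
    # on the same filesystem. mktemp creates it readable by the owner only.
    tmp=$(mktemp "${dest}.XXXXXX") || return 1
    if "$save_cmd" > "$tmp" && rules_complete "$tmp"; then
        mv -f "$tmp" "$dest"
    else
        rm -f "$tmp"
        echo "save_rules: $save_cmd failed or output incomplete; $dest unchanged" >&2
        return 1
    fi
}
```

On failure the previous rules file stays in place, so the next boot still restores the last known-good ruleset.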