Difference between revisions of "How To Make iptables Persistent"

From Earlham CS Department
Jump to navigation Jump to search
Line 31: Line 31:
 
To remove persistent iptables rules simply open a relevant /etc/iptables/rules.v* file and delete lines containing all unwanted rules.
 
To remove persistent iptables rules simply open a relevant /etc/iptables/rules.v* file and delete lines containing all unwanted rules.
  
Source [[https://linuxconfig.org/how-to-make-iptables-rules-persistent-after-reboot-on-linux]]
+
[https://linuxconfig.org/how-to-make-iptables-rules-persistent-after-reboot-on-linux]

Revision as of 18:44, 8 October 2022

At some point, you may have to make modifications to a firewall, open up a port, or change/enable some network configuration on a cluster or server. We primarily use iptables to complete many of these tasks. However, when such changes are made, they are not persistent upon reboot, resulting in one having to reapply those changes. The following explains how to make iptables persistent upon reboot.

Required Packages

We use the package iptables-persistent to save our iptable configurations. To install, consult the following bellow:

For Debian-based systems:

   apt install iptables-persistent 


By default, this package should be already installed on all clusters and servers. If you are setting up a new machine, installing this package is recommended.

How it Works

After install, any currently erected iptables rules will be saved to the corresponding IPv4 and IPv6 files below:

   /etc/iptables/rules.v4
   /etc/iptables/rules.v6

To update persistent iptables with new rules simply use iptables commands to include new rules into the system. To make changes permanent after reboot run the iptables-save command:

   sh -c "iptables-save > /etc/iptables/rules.v4"

or

   sh -c "ip6tables-save > /etc/iptables/rules.v6"

It is recommended that you run these commands after any iptable addition/modification you perform. You will need root access to perform such.

How to remove Persistent iptable Rule

To remove persistent iptables rules simply open a relevant /etc/iptables/rules.v* file and delete lines containing all unwanted rules.

[1]