Difference between revisions of "How To Make iptables Persistent"
Line 31: | Line 31: | ||
To remove persistent iptables rules simply open a relevant /etc/iptables/rules.v* file and delete lines containing all unwanted rules. | To remove persistent iptables rules simply open a relevant /etc/iptables/rules.v* file and delete lines containing all unwanted rules. | ||
− | + | [https://linuxconfig.org/how-to-make-iptables-rules-persistent-after-reboot-on-linux] |
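Review bot: the line added at line 31 is a bare external link with no label, so a reader cannot tell what it is there to support. Give it link text that names it as the source, and since the linked article's title covers making rules persistent after reboot in general, put it under its own references heading instead of trailing the removal instructions.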
Revision as of 18:44, 8 October 2022
At some point, you may have to make modifications to a firewall, open up a port, or change/enable some network configuration on a cluster or server. We primarily use iptables to complete many of these tasks. However, changes made this way do not survive a reboot and have to be reapplied by hand. The following explains how to make iptables rules persistent across reboots.
Required Packages
We use the package iptables-persistent to save our iptables configurations. To install it, see below:
For Debian-based systems:
apt install iptables-persistent
By default, this package should be already installed on all clusters and servers. If you are setting up a new machine, installing this package is recommended.
How it Works
After installation, any currently active iptables rules will be saved to the corresponding IPv4 and IPv6 files below:
/etc/iptables/rules.v4
/etc/iptables/rules.v6
To update the persistent rules, first add the new rules to the running system with the usual iptables commands. To make the changes permanent across reboots, run the iptables-save command:
sh -c "iptables-save > /etc/iptables/rules.v4"
or
sh -c "ip6tables-save > /etc/iptables/rules.v6"
It is recommended that you run these commands after any iptables addition/modification you perform. You will need root access to do so.
How to Remove a Persistent iptables Rule
To remove persistent iptables rules, simply open the relevant /etc/iptables/rules.v* file and delete the lines containing the unwanted rules. Editing the file only changes what is loaded at the next boot; the rules stay active in the running firewall until they are removed there as well.
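One way to script the removal step above so that a hand edit cannot silently break the saved ruleset. This is an added example, not part of the original page or of iptables-persistent; the function name remove_persistent_rule and its optional check-command argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. remove_persistent_rule is a hypothetical helper, not part of
# iptables-persistent.
# usage: remove_persistent_rule RULES_FILE 'EXACT RULE LINE' [CHECK_CMD]
#   CHECK_CMD (optional) reads the edited ruleset on stdin and must exit 0,
#   e.g. "iptables-restore --test" for rules.v4 (run as root).
remove_persistent_rule() {
    rules_file=$1
    rule=$2
    check=${3:-}

    # -x matches the whole line and -F treats the rule as a literal string, so
    # removing a "--dport 22" rule cannot also remove a "--dport 2222" rule.
    if ! grep -qxF -- "$rule" "$rules_file"; then
        echo "rule not found in $rules_file" >&2
        return 2
    fi

    tmp=$(mktemp "${rules_file}.XXXXXX") || return 1
    # grep exits 1 when it outputs nothing; only a real error (2) aborts.
    grep -vxF -- "$rule" "$rules_file" > "$tmp" || [ $? -eq 1 ] || {
        rm -f "$tmp"
        return 1
    }

    # Syntax-check the edited copy before it replaces the saved ruleset, so a
    # bad edit is caught now rather than when the rules are loaded at boot.
    if [ -n "$check" ] && ! $check < "$tmp"; then
        echo "edited ruleset failed validation; $rules_file unchanged" >&2
        rm -f "$tmp"
        return 3
    fi

    # Keep the previous ruleset as a backup, then swap the new file in.
    cp -p "$rules_file" "${rules_file}.bak" && mv "$tmp" "$rules_file"
}
```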