Comments on: Ubuntu Linux Save / Restore Iptables Rules http://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/ Every answer asks a more beautiful question. Fri, 10 Feb 2012 19:55:56 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: budacsikhttp://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/#comment-45734 budacsik Fri, 29 Jan 2010 07:29:22 +0000 http://www.cyberciti.biz/faq/?p=4197#comment-45734 Salvador: You are right! Sorry for mistake. (I'm sorry, but I can't edit it.) Salvador:
You are right! Sorry for mistake.

(I’m sorry, but I can’t edit it.)

]]> By: Salvadorhttp://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/#comment-45731 Salvador Fri, 29 Jan 2010 00:17:57 +0000 http://www.cyberciti.biz/faq/?p=4197#comment-45731 budacsik: You made a little mistake in the line: pre-up iptables-restore /etc/iptables.rules it must be: pre-up iptables-restore < /etc/iptables.rules budacsik:

You made a little mistake in the line:
pre-up iptables-restore /etc/iptables.rules

it must be:
pre-up iptables-restore < /etc/iptables.rules

]]> By: badwolfhttp://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/#comment-42459 badwolf Fri, 10 Jul 2009 12:27:45 +0000 http://www.cyberciti.biz/faq/?p=4197#comment-42459 One other way of safeguarding yourself when you modify iptables via ssh is (before you start fiddling around ;-) )to set a cron job to reset the firewall rules every say 15 minutes. That way you only have to wait at most 15 minutes to get back into your machine. Don't forget to disable the cron job when you are finished. This presumes that you have root/sudo access to be able to set the cron and run iptables-restore as super user. Thanks for the info. One other way of safeguarding yourself when you modify iptables via ssh is (before you start fiddling around ;-) )to set a cron job to reset the firewall rules every say 15 minutes. That way you only have to wait at most 15 minutes to get back into your machine. Don’t forget to disable the cron job when you are finished. This presumes that you have root/sudo access to be able to set the cron and run iptables-restore as super user.
Thanks for the info.

]]> By: budacsikhttp://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/#comment-42332 budacsik Wed, 01 Jul 2009 10:14:17 +0000 http://www.cyberciti.biz/faq/?p=4197#comment-42332 tip: iptables auto on/off 1.) Run in terminal the next command: sudo iptables-save > /etc/iptables.rules 2.) Edit /etc/network/interfaces file and add this two line to interface configuration: pre-up iptables-restore /etc/iptables.rules To sum: auto eth1 iface eth1 inet static address 192.168.2.1 network 255.255.255.0 broadcast 192.168.2.255 pre-up iptables-restore /etc/iptables.rules 3.) Save and test (reboot) tip:
iptables auto on/off

1.)
Run in terminal the next command:
sudo iptables-save > /etc/iptables.rules

2.) Edit /etc/network/interfaces file and add this two line to interface configuration:
pre-up iptables-restore /etc/iptables.rules

To sum:

auto eth1
iface eth1 inet static
address 192.168.2.1
network 255.255.255.0
broadcast 192.168.2.255
pre-up iptables-restore /etc/iptables.rules

3.) Save and test (reboot)

]]> By: Joosthttp://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/#comment-42258 Joost Fri, 26 Jun 2009 16:08:47 +0000 http://www.cyberciti.biz/faq/?p=4197#comment-42258 Be carefull if you change your iptables file remotely (via ssh). A mistake might lock you out. In that case it is safer to use iptables-apply. It changes the iptables, but gives you a prompt to confirm the change. If the change locked you out, it will revert to the previous ruleset. So change the /root/working.iptables.rules file, and use: iptables-apply -t 15 /root/working.iptables.rules You have 15 seconds to accept the change. Only works on newer versions of iptables (Ubuntu jaunty in my case). Be carefull if you change your iptables file remotely (via ssh). A mistake might lock you out.
In that case it is safer to use iptables-apply. It changes the iptables, but gives you a prompt to confirm the change. If the change locked you out, it will revert to the previous ruleset.
So change the /root/working.iptables.rules file, and use:

iptables-apply -t 15 /root/working.iptables.rules

You have 15 seconds to accept the change.
Only works on newer versions of iptables (Ubuntu jaunty in my case).

]]> By: Vivek Gitehttp://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/#comment-42225 Vivek Gite Wed, 24 Jun 2009 15:45:27 +0000 http://www.cyberciti.biz/faq/?p=4197#comment-42225 @Mike, Excellent tip. I never thought about it. @Michael, yes it works on all Linux distro. Appropriate your posts! @Mike, Excellent tip. I never thought about it.

@Michael, yes it works on all Linux distro.

Appropriate your posts!

]]> By: Mikehttp://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/#comment-42224 Mike Wed, 24 Jun 2009 15:23:12 +0000 http://www.cyberciti.biz/faq/?p=4197#comment-42224 Thanks Here's another little tip. If you add a shebang line to the top of the saved iptables file like "#!/usr/bin/env iptables-restore" and make it executable (chmod +x) you can then just execute the saved firewall rules like so ./my-firewall Thanks

Here’s another little tip. If you add a shebang line to the top of the saved iptables file like “#!/usr/bin/env iptables-restore” and make it executable (chmod +x) you can then just execute the saved firewall rules like so ./my-firewall

]]> By: Michaelhttp://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/#comment-42223 Michael Wed, 24 Jun 2009 14:40:52 +0000 http://www.cyberciti.biz/faq/?p=4197#comment-42223 Thanks for the tip! Not only useful for Ubuntu users! Thanks for the tip!
Not only useful for Ubuntu users!

]]>