[SOLVED] save iptables reboot and the rules are lost!

General support questions
Post Reply
msm25
Posts: 18
Joined: 2012/12/01 10:45:24

[SOLVED] save iptables reboot and the rules are lost!

Post by msm25 » 2013/04/03 10:12:10

Hello,

I need some help! I have created some custom iptables rules on my Centos 6.4 64 bits server, at the end I have save the rules with "service iptables save"

If I make a reboot I lose all the rules

How can I make the iptables rules permanet?

Thank you

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

[SOLVED] save iptables reboot and the rules are lost!

Post by jlehtone » 2013/04/03 10:40:20

[quote]
msm25 wrote:
I have save the rules with "service iptables save"
[/quote]
That should do it. What do you have after reboot?
[code]chkconfig --list iptables
iptables -S[/code]

shaunglass
Posts: 4
Joined: 2013/04/03 12:12:36

Re: save iptables reboot and the rules are lost!

Post by shaunglass » 2013/04/03 12:31:24

Heya,

In /etc/sysconfig/iptables-config check for :

# Save current firewall rules on restart.
# Value: yes|no, default: no
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets
# restarted.
IPTABLES_SAVE_ON_RESTART="yes"

Regards

Shaun Glass

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: save iptables reboot and the rules are lost!

Post by jlehtone » 2013/04/03 13:20:03

[quote]shaunglass wrote:
In /etc/sysconfig/iptables-config check for :
IPTABLES_SAVE_ON_RESTART="yes"[/quote]
That makes no difference here. It merely calls
[code]service iptables save[/code]
before doing the restart. Besides, reboot does not call 'restart'; it wants to 'stop'.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: save iptables reboot and the rules are lost!

Post by TrevorH » 2013/04/03 13:38:28

You want

IPTABLES_SAVE_ON_STOP="yes"

too

msm25
Posts: 18
Joined: 2012/12/01 10:45:24

Re: save iptables reboot and the rules are lost!

Post by msm25 » 2013/04/05 12:30:25

Hi,

IPTABLES_SAVE_ON_RESTART="yes"
IPTABLES_SAVE_ON_STOP="yes"

I have change them and after a reboot still loses the rules:

jlehtone,

[root@v ~]# chkconfig --list iptables
iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@ ~]#

User avatar
jlehtone
Posts: 4523
Joined: 2007/12/11 08:17:33
Location: Finland

Re: save iptables reboot and the rules are lost!

Post by jlehtone » 2013/04/05 14:22:08

Not loading rules at all. Do
[code]chkconfig iptables on[/code]
then reboot or just 'service iptables start'.

msm25
Posts: 18
Joined: 2012/12/01 10:45:24

Re: [SOLVED] save iptables reboot and the rules are lost!

Post by msm25 » 2013/04/05 15:44:41

jlehtone,

thank you so much! it idid work!

faulkhuang
Posts: 1
Joined: 2015/02/28 13:58:44

Re: [SOLVED] save iptables reboot and the rules are lost!

Post by faulkhuang » 2015/02/28 14:12:13

Hi,

I do search from google for this question, this post is the only way that I saw the question is solved.
I follow the suggestions that mentioned previously.
But after shutdown -r now, current iptables rule disappear.
Here is what I do:

1.
iptables -I INPUT -p tcp --dport 3128 -j ACCEPT

2.
Edit
IPTABLES_SAVE_ON_RESTART="yes"
IPTABLES_SAVE_ON_STOP="yes"
in /etc/sysconfig/iptables-config

3.
service iptables save
chkconfig iptables on

4.
shutdown -r now

then I can't connect via 3128 port which is what my client computer want to connect my proxy server with port 3128.
I have to manually enter iptables -I INPUT -p tcp --dport 3128 -j ACCEPT again,
where did I go wrong?

faulkhuang
Last edited by faulkhuang on 2015/03/01 14:14:38, edited 1 time in total.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: [SOLVED] save iptables reboot and the rules are lost!

Post by TrevorH » 2015/02/28 14:44:48

If you use firewalld then you cannot use the iptables command to add rules. Well, you can but firewalld doesn't know they exist and will remove them. If using firewalld then you must use firewall-cmd to add and amend rules (or the GUI firewall-config).
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply