Differences

This shows you the differences between two versions of the page.

--- iptables:save_iptable_rules [2016/10/07 11:16] – peter
+++ iptables:save_iptable_rules [2019/11/29 17:43] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== IPTables - Save IPTable rules ======
-===== Save the iptables rules =====
-The generic method of saving iptables rules is to use the command **iptables-save**, which writes to stdout.
-<code bash>
-iptables-save > /etc/network/iptables.rules
-</code>
-===== Restore the iptables rules =====
-The output created by **iptables-save** can then by read on stdin by **iptables-restore**.
-If on a server, without NetworkManager, a common approach is then to use a **pre-up** command in /etc/network/interfaces.
-<file /etc/network/interfaces>
-iface eth0 inet static
-        ....
-        pre-up iptables-restore < /etc/network/iptables.rules
-</file>
-===== Example usage =====
-As root, issue the command:
-<code bash>
-iptables-save > /etc/iptables.rules
-</code>
-In **/etc/network/if-pre-up.d/iptables** enter the following:
-<file /etc/network/if-pre-up.d/iptables>
-#!/bin/sh
-iptables-restore < /etc/iptables.rules
-exit 0
-</file>
-In **/etc/network/if-post-down.d/iptables** enter the following:
-<file /etc/network/if-post-down.d/iptables>
-#!/bin/sh
-iptables-save -c > /etc/iptables.rules
-if [ -f /etc/iptables.rules ]; then
-  iptables-restore < /etc/iptables.rules
-fi
-exit 0
-</file>
-Give permission to the scripts:
-<code bash>
-sudo chmod +x /etc/network/if-post-down.d/iptables
-sudo chmod +x /etc/network/if-pre-up.d/iptables
-</code>
-===== IPv6 =====
-**NOTE**:  Do note that the commands iptables, **iptables-save** and **iptables-restore** are IPv4 only. For IPv6 traffic the equivalent commands are ip6tables, **ip6tables-save** and **ip6tables-restore**.