iptables:save_iptable_rules
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| iptables:save_iptable_rules [2016/10/07 12:50] – peter | iptables:save_iptable_rules [2019/11/29 17:43] (current) – removed peter | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== IPTables - Save IPTable rules ====== | ||
| - | |||
| - | ===== Save and Restore iptables ===== | ||
| - | |||
| - | As root, issue the command: | ||
| - | |||
| - | This will save initial copies of the firewall rules. | ||
| - | |||
| - | <code bash> | ||
| - | iptables-save > / | ||
| - | ip6tables-save > / | ||
| - | </ | ||
| - | |||
| - | |||
| - | In **/ | ||
| - | |||
| - | <file / | ||
| - | #!/bin/sh | ||
| - | iptables-restore < / | ||
| - | ip6tables-restore < / | ||
| - | exit 0 | ||
| - | </ | ||
| - | |||
| - | In **/ | ||
| - | |||
| - | <file / | ||
| - | #!/bin/sh | ||
| - | iptables-save -c > / | ||
| - | if [ -f / | ||
| - | iptables-restore < / | ||
| - | fi | ||
| - | ip6tables-save -c > / | ||
| - | if [ -f / | ||
| - | ip6tables-restore < / | ||
| - | fi | ||
| - | exit 0 | ||
| - | </ | ||
| - | |||
| - | Give permission to the scripts: | ||
| - | |||
| - | <code bash> | ||
| - | sudo chmod +x / | ||
| - | sudo chmod +x / | ||
| - | </ | ||
| - | |||
| - | |||
| - | ===== IPv4 vs IPv6 ===== | ||
| - | |||
| - | There are slightly different commands used depending on IPv4 or IPv6. | ||
| - | |||
| - | For IPv4 the commands are **iptables-save** and **iptables-restore**. | ||
| - | |||
| - | For IPv6 the commands are **ip6tables-save** and **ip6tables-restore**. | ||
| - | |||
| - | |||
| - | ===== Example Usage ===== | ||
| - | |||
| - | ==== Save the iptables rules ==== | ||
| - | |||
| - | The generic method of saving iptables rules is to use the command **iptables-save**, | ||
| - | |||
| - | <code bash> | ||
| - | iptables-save > / | ||
| - | ip6tables-save > / | ||
| - | </ | ||
| - | |||
| - | ==== Restore the iptables rules ==== | ||
| - | |||
| - | For IPv4, the output created by **iptables-save** can then by read on stdin by **iptables-restore**. Similarly, for IPv6, the output created by **ip6tables-save** can then by read on stdin by **ip6tables-restore**. | ||
| - | |||
| - | If on a server, without NetworkManager, | ||
| - | |||
| - | <file / | ||
| - | iface eth0 inet static | ||
| - | .... | ||
| - | pre-up iptables-restore < / | ||
| - | pre-up ip6tables-restore < / | ||
| - | </ | ||
iptables/save_iptable_rules.1475844607.txt.gz · Last modified: 2020/07/15 09:30 (external edit)