DebianThis forum is for the discussion of Debian Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Rather than check for service iptables alone, look also for things like iptablesd, iptabled, etc. I am not running Debian 8 right now, but I seem to remember that the name was not perfectly matched to the package. (Which is, as you look around at other packages and services, pretty normal.)
You might also list out ALL services and grep for ipta and see what it returns.
LAST option: you know a reboot will cycle all services that are set to auto-start. That should NEVER be required, but does always work.
Rather than check for service iptables alone, look also for things like iptablesd, iptabled, etc. I am not running Debian 8 right now, but I seem to remember that the name was not perfectly matched to the package. (Which is, as you look around at other packages and services, pretty normal.)
You might also list out ALL services and grep for ipta and see what it returns.
LAST option: you know a reboot will cycle all services that are set to auto-start. That should NEVER be required, but does always work.
That is not as I would have done it, but assume that list is complete. What then makes you think that you have iptables installed and running to need restarting?
Have you run anything like
debian 8 uses systemd. You can install the iptables-persistent package which is a service to load your firewall rules at boot. The service is called netfilter-persistent
The firewall is actually kernel modules that are loaded at boot up and when you add a rule using the iptables frontend ClI utility they take effect immediately. No need to restart anything. You can save your rules using the iptables-save command. There are various GUI firewall front ends to iptables like UFW or firestarter which provides an easier interface then using the CLI.
That is not as I would have done it, but assume that list is complete. What then makes you think that you have iptables installed and running to need restarting?
Have you run anything like
Try and see if it is installed, and at what status.
If it is not installed, you will need to install it using apt-get or one of the gui front-ends to apt.
Code:
$ dpkg-query --list |grep -i iptabl
ii gnome-orca 3.14.0-4+deb8u1 all Scriptable screen reader
ii iptables 1.4.21-2+b1 amd64 administration tools for packet filtering and NAT
debian 8 uses systemd. You can install the iptables-persistent package which is a service to load your firewall rules at boot. The service is called netfilter-persistent
The firewall is actually kernel modules that are loaded at boot up and when you add a rule using the iptables frontend ClI utility they take effect immediately. No need to restart anything. You can save your rules using the iptables-save command. There are various GUI firewall front ends to iptables like UFW or firestarter which provides an easier interface then using the CLI.
If when I remove or add a rule then it use immediately then need I "iptables-persistent" or "netfilter-persistent" ?
If when I remove or add a rule then it use immediately then need I "iptables-persistent" or "netfilter-persistent" ?
No, only as an automated way to reload your rules on system boot.
The iptables binary (or netfilter) reads or writes rules in the (volatile) kernel data structure, rrporting the current state or updating it immediately.
$ dpkg-query --list |grep -i iptabl
ii gnome-orca 3.14.0-4+deb8u1 all Scriptable screen reader
ii iptables 1.4.21-2+b1 amd64 administration tools for packet filtering and NAT
Excellent, it is installed. As descendant_command mentioned, the other output indicates that there is NOT an iptables process in memory (I HAVE been able to detect it that way, we will assume it is inactive at this point).
Have you looked up how to import and export rules? You can do this at the command line and test it before loading any additional software for automation.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.