iptables disappeared

piforever · 01-18-2006, 01:50 PM

hi,

today i wanted to open a port in my server.....and after doing that and saving the changes using the following two commands

Code:

/sbin/iptables -I INPUT -p tcp --destination-port 22671 -j ACCEPT

Code:

/sbin/iptables-save > /etc/sysconfig/iptables

and after issuing this command to check the rule

Code:

/sbin/iptables -L

I saw the rule....but all the rules that I previously made just disappeared!!! yet everything works OK!!!! Now After a reboot and issuing the previous command....now this is what I see

Code:

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Empty!!!! Previously I opened port 33100 for bittornado....and it is still opened since i can leech/seed...

So how come i cant list the rules....

ThnX

*EDIT*
This is the contents of /etc/sysconfig/iptables

Code:

# Generated by iptables-save v1.3.0 on Wed Jan 18 19:00:02 2006
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [67:5916]
:OUTPUT ACCEPT [74:10200]
-A INPUT -p tcp -m tcp --dport 22671 -j ACCEPT 
COMMIT
# Completed on Wed Jan 18 19:00:02 2006

yet I dont see "-A INPUT -p tcp -m tcp --dport 22671 -j ACCEPT " when I list the rules!!!

ugenn · 01-19-2006, 06:57 AM

Seems like a distro specific problem. Is there an option in the bootscript configs that enables or disables firewalls?

sam5550 · 01-19-2006, 12:55 PM

You can preserve your firewall settings during shut-downs and restarts by editing the settings in /etc/sysconfig/iptables-config. Particularly:

IPTABLES_SAVE_ON_STOP="yes"
IPTABLES_SAVE_ON_RESTART="yes"

That should allow you to keep rules when you shut down/reboot.

piforever · 01-19-2006, 04:31 PM

Quote:

Originally Posted by ugenn

Seems like a distro specific problem. Is there an option in the bootscript configs that enables or disables firewalls?

sorry i dont know!!! i'm a total n00b!

piforever · 01-19-2006, 04:36 PM

Quote:

Originally Posted by sam5550

You can preserve your firewall settings during shut-downs and restarts by editing the settings in /etc/sysconfig/iptables-config. Particularly:

IPTABLES_SAVE_ON_STOP="yes"
IPTABLES_SAVE_ON_RESTART="yes"

That should allow you to keep rules when you shut down/reboot.

thnx for the hints....very useful indeed...does it mean whenever i setup a new rule it will be saved automatically when i reboot my machine so I don't need to save the changes???

Another thing to add:

I just remembered that I did install Firestarter few weeks ago but did not run/configure it although i see the service start when i restart my machine....so I just removed it using yum and now when i list the rules i see my latest update -port 22671- but nothing else....although everything works OK...so now i'm really worried!!! what does this mean??? how am I going to change the *hidden* rules???

Code:

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:22671 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

sam5550 · 01-19-2006, 09:44 PM

Quote:

Originally Posted by piforever

thnx for the hints....very useful indeed...does it mean whenever i setup a new rule it will be saved automatically when i reboot my machine so I don't need to save the changes???

It should ... I haven't tried it though.

piforever · 01-21-2006, 07:50 AM

is there any way to check the rules in the iptables other than "iptables -L" ??? I still can not see all the opened ports...

thnx

ugenn · 01-21-2006, 08:17 PM

Are you root?

piforever · 01-21-2006, 09:20 PM

yes i am....