[SOLVED] does iptables restart remove manual settings?

qwertyjjj · 08-18-2012, 03:47 AM

I run this manually on my server:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

However, when I change the iptables script and restart iptables, it seems to remove the above routing. Is that normal?
Do I have to add that routing into my current script?

unSpawn · 08-18-2012, 06:14 AM

Quote:

Originally Posted by qwertyjjj

Is that normal?

If this is "normal" depends on your 'grep -i ^i.*save_on /etc/sysconfig/iptables-config' settings.

Quote:

Originally Posted by qwertyjjj

Do I have to add that routing into my current script?

If you want it, yes. If the above settings from /etc/sysconfig/iptables-config are set to NO then

Code:

# save iptables rule set to temporary file:
umask 0027; /sbin/iptables-save > /tmp/.iptables.$$
# verify the only changes are your rule (unless you have enabled say counters saving in iptables-config): 
diff --side-by-side /tmp/.iptables.$$ /etc/sysconfig/iptables | less
# and if OK backup and copy contents over:
cp /etc/sysconfig/iptables /etc/sysconfig/iptables.previous
cat /tmp/.iptables.$$ > /etc/sysconfig/iptables && rm -f /tmp/.iptables.$$