LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-25-2012, 12:10 PM   #1
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Rep: Reputation: 30
how to save iptables commands?


If I issue a command like this rather than write it in the iptables file:
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT

how do I get that command to be automatically scripted to the iptables file in /etc/sysconfig/iptables?
 
Old 11-25-2012, 12:20 PM   #2
deswarf
LQ Newbie
 
Registered: Jan 2012
Posts: 26

Rep: Reputation: Disabled
If I understood you right
to save
Code:
iptables-save >> savefile
to restore respectivelly
Code:
iptables-restore << savefile
for doing it automatically could add line
Code:
pre-up iptables-restore < savefile
in /etc/interfaces

Last edited by deswarf; 11-25-2012 at 12:23 PM.
 
Old 11-25-2012, 12:53 PM   #3
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by deswarf View Post
If I understood you right
to save
Code:
iptables-save >> savefile
to restore respectivelly
Code:
iptables-restore << savefile
for doing it automatically could add line
Code:
pre-up iptables-restore < savefile
in /etc/interfaces
yes but if you add a line using iptables on the command line, it doesn't write it into the iptables file.
 
Old 11-25-2012, 01:05 PM   #4
deswarf
LQ Newbie
 
Registered: Jan 2012
Posts: 26

Rep: Reputation: Disabled
Code:
iptables-save > /etc/sysconfig/iptables
?
 
Old 11-25-2012, 01:38 PM   #5
deswarf
LQ Newbie
 
Registered: Jan 2012
Posts: 26

Rep: Reputation: Disabled
or you need it to be written immediately as soon as you press 'enter'?
maybe then
Code:
ipt='iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT' ; eval $ipt ; echo $ipt >> /etc/sysconfig/iptables
 
Old 11-25-2012, 01:41 PM   #6
fakie_flip
Senior Member
 
Registered: Feb 2005
Location: San Antonio, Texas
Distribution: Gentoo Hardened using OpenRC not Systemd
Posts: 1,452

Rep: Reputation: 85
On a CentOS system, edit

/etc/sysconfig/iptables

then to make your changes take effect

iptables-restore < /etc/sysconfig/iptables

This file exists in my Fedora system as well.
 
Old 11-25-2012, 02:28 PM   #7
deswarf
LQ Newbie
 
Registered: Jan 2012
Posts: 26

Rep: Reputation: Disabled
Quote:
Originally Posted by deswarf View Post
or you need it to be written immediately as soon as you press 'enter'?
maybe then
Code:
ipt='iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT' ; eval $ipt ; echo $ipt >> /etc/sysconfig/iptables
the same could be done if to write such a script, name it for example iptwr.sh:
Code:
#/bin/bash
echo "input iptables rule"
 while true
do
read ipt
 eval $ipt
err=$?
 if [ $err -ne 0 ]
then
    echo "error code $err"
    else 
echo $ipt >> /etc/sysconfig/iptables
echo "OK, next rule"
fi
done
simple start it with ./iptwr.sh command and type your rule. The script will execute and check the rule after pressing ENTER, and write it to /etc/sysconfig/iptables if it's ok or return an error code.

Last edited by deswarf; 11-25-2012 at 02:35 PM.
 
Old 11-25-2012, 04:50 PM   #8
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Original Poster
Rep: Reputation: 30
What if you have already used a command like
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

How do you get that written to the file just by saving it?
 
Old 11-25-2012, 05:20 PM   #9
deswarf
LQ Newbie
 
Registered: Jan 2012
Posts: 26

Rep: Reputation: Disabled
Quote:
Originally Posted by qwertyjjj View Post
What if you have already used a command like
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

How do you get that written to the file just by saving it?
I'm afraid that I did not get your question...
If you're asking about the command for addition of the lines to file then it is realised in script with $ipt >> /etc/sysconfig/iptables
It simple adds the line at the end of that file. Or you'd like to have more difficult script that don't add commands that are already written?

But if that line is not written yet then you do need to iptables-save > /etc/sysconfig/iptables

Last edited by deswarf; 11-25-2012 at 05:22 PM.
 
Old 11-26-2012, 01:26 AM   #10
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,260

Rep: Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328
On Centos

1. cp /etc/sysconfig/iptables /etc/sysconfig/iptables.YYYYMMDD_HHMM
2. vi /etc/sysconfig/iptables
3. service iptables restart

(Strictly speaking iptables isn't a service, but the functionality is there to treat it as such)
 
Old 11-26-2012, 01:54 AM   #11
fakie_flip
Senior Member
 
Registered: Feb 2005
Location: San Antonio, Texas
Distribution: Gentoo Hardened using OpenRC not Systemd
Posts: 1,452

Rep: Reputation: 85
Using CentOS with Plesk? Plesk is a virus for Linux. So is CPanel.

Last edited by fakie_flip; 11-26-2012 at 01:56 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables error in android: iptables-save and iptables-restore not working preetb123 Linux - Mobile 5 04-11-2011 02:56 PM
iptables-save type command for iproute2 commands? fmillion Linux - Networking 1 11-29-2009 09:22 PM
iptables-save can't save settings Actionscript3 Linux - Software 4 01-29-2009 11:26 AM
iptables-save, iptables-restore, how to set up them in some script sarajevo Linux - Networking 1 03-25-2008 12:39 AM
iptables save commands are not working tarheel92x Linux - Networking 1 01-19-2004 06:16 PM


All times are GMT -5. The time now is 04:36 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration