iptables/pidora
Hi, I have noticed that my iptables rules are lost whenever I reboot my Pi. Maybe this is because I do an iptables-save but not an iptables-restore after a reboot.
So I did an iptables-save to the file /etc/sysconfig/iptab.config. I was a bit concerned when I dumped the contents of this file. Lots of rules in there I was not aware of. If you take port 631 which I think is TCP related, I have never added a rule which is borne out by the "iptables -L" command. However, when I look in iptab.config I see this port in 3 places. Quote:
Can someone pls confirm then
is that about it? Thanks |
There should be no reason to save / restore the iptables configuration; it is kept in /etc/sysconfig/iptables which is reloaded when the iptables service starts.
Make sure you are configuring the firewall correctly, per the documentation. Also, make sure the firewall is set to start on boot: Code:
sudo systemctl enable iptables.service |
I had a read through the doco you provided but I think my problem is more fundamental. I have just rebooted and these are the first commands I type:
Quote:
Quote:
This is what I have always done in Fedora/CentOS but rules don't disappear! So I am wondering whether this is a Pi quirk! |
I ran into the same issue with my Pidora. I realized that Pidora (because it is a "recent" Fedora distro) runs firewalld for security handling as well. And it appears that it overwrites or preempts iptables at boot time.
For normal iptables, edits and added entries must be saved to the /etc/sysconfig/iptables file via the save command. Quote:
You'll see that the file is created and edited; but after reboot it isn't getting the changes either. Check firewalld and firewall-cmd... to see if it's enabled do: Code:
[root@pi ~]# systemctl status firewalld.service
Code:
[root@pi ~]# firewall-cmd --list-services
Code:
[root@pi ~]# firewall-cmd --zone=public --add-service=https --permanent |
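Added example, not part of any post in this thread: a shell script that lists every ACCEPT rule with a destination port in an iptables-save dump (the audit the first post does by hand for port 631) and reports whether the dump contains firewalld-style zone chains. The sample dump, the function names and the chain-name pattern (IN_public_allow and similar) are constructed assumptions about what firewalld generates, not output from the poster's Pi.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for rules that open a port.

# Constructed sample dump (assumption: firewalld-style chain names).
sample_dump() {
cat <<'EOF'
# constructed sample, not from the thread
*filter
:INPUT ACCEPT [0:0]
:IN_public_allow - [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j IN_public_allow
-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p udp -m udp --dport 631 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 631 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Read a dump on stdin; print "table chain proto port" for each ACCEPT rule
# that names a destination port.
list_open_ports() {
    awk '
        /^\*/ { table = substr($0, 2); next }    # "*filter" starts a table
        $1 == "-A" {
            chain = $2; proto = "any"; port = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport" || $i == "--dports") port = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (target == "ACCEPT" && port != "")
                print table, chain, proto, port
        }'
}

# Read a dump on stdin; succeed if it declares firewalld-style zone chains,
# a hint that firewalld rather than iptables.service owns the rule set.
has_firewalld_chains() {
    grep -Eq '^:(IN|FWDI|FWDO)_[A-Za-z0-9]+(_allow|_deny|_log)? '
}

# Demo on the constructed sample: sh thisfile --demo
if [ "${1:-}" = "--demo" ]; then
    sample_dump | list_open_ports
    sample_dump | has_firewalld_chains && echo "firewalld-style chains present"
fi
```

On a live system the same functions can read the real rule set, for example `iptables-save | list_open_ports` run as root.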