I am running CentOS 7 with firewalld enabled and need to setup a few arptable rules. I can set these rules from the command line using the arptables command but they go away after a reboot. I need these rules to persist through reboots.

I've searched the web and while I can find some info on how to use the arptables command, I can't find anything about how to make the rules persistent.

Here's what I've tried so far:

1. Use arptables-save command to dump the config and then run arptables-restore to load the saved config but this doesn't keep the config across reboots.

2. I have tried editing my /etc/sysconfig/arptables file to this:

*filter
:INPUT ACCEPT
:OUTPUT ACCEPT
:FORWARD ACCEPT
-A INPUT -j ACCEPT -i ens192 -d 10.1.1.131
-A INPUT -j ACCEPT -i ens224 -d 9.1.1.131
-A INPUT -j ACCEPT -i ens192 -d 10.2.0.0/16
-A INPUT -j ACCEPT -i ens224 -d 9.2.0.0/16
-A INPUT -j DROP -i ens192 ! -d 10.0.0.0/8
-A INPUT -j DROP -i ens224 ! -d 9.0.0.0/8
-A INPUT -j DROP -i ens256 ! -d 10.255.0.0/16
-A INPUT -j DROP -i ens161 ! -d 9.255.0.0/16

COMMIT

Thanks

I haven't used it but the rpm installs:
rpm -ql arptables
/etc/sysconfig/arptables
/usr/lib/systemd/system/arptables.service
/usr/libexec/arptables-helper
/usr/sbin/arptables
/usr/sbin/arptables-restore
/usr/sbin/arptables-save
/usr/share/doc/arptables-0.0.4
/usr/share/doc/arptables-0.0.4/COPYING
/usr/share/man/man8/arptables-restore.8.gz
/usr/share/man/man8/arptables-save.8.gz
/usr/share/man/man8/arptables.8.gz

Since this is CentOS7 (or RHEL7) it is doing systemd so I'm wondering if you enabled the arptables.service so it gets copied from /usr/lib/systemd/system to /etc/systemd/system to start at boot?

What does "systemctl status arptables" output?

1 members found this post helpful.

That was it. Thanks. I should've known that.

1 members found this post helpful.

Glad I could help. If you don't mind, please go to thread tools and mark this as Solved. It helps people with similar issues more quickly find the resolution on future web searches.