LinuxQuestions.org

Linux - Newbie: How to restart iptables service in Debian? (https://www.linuxquestions.org/questions/linux-newbie-8/how-to-restart-iptables-service-in-debian-4175614417/)

hack3rcon 09-24-2017 02:18 AM

How to restart iptables service in Debian?
 
Hello.
I'm using Debian 8.9 x64 and I want to know how I can restart the iptables service.

Thank you.

ondoho 09-24-2017 03:49 AM

https://duckduckgo.com/?q=How+to+res...vice+in+Debian
you asked that very same question 1 year ago!
since it seems you were unable to solve it then, i guess one of the other search results will do you.

i have to ask this, without irony or sarcasm or trying to dis you, honest question:

do you suffer from some form of memory loss?

because if you do, you should tell us, it would help us to deal with your questions in a more appropriate manner.

hack3rcon 09-24-2017 03:59 AM

Quote:

Originally Posted by ondoho (Post 5762240)
https://duckduckgo.com/?q=How+to+res...vice+in+Debian
well f*ck me, you asked that very same question 1 year ago!
since it seems you were unable to solve it then, i guess one of the other search results will do you.

i have to ask this, without irony or sarcasm or trying to dis you, honest question:

do you suffer from some form of memory loss?

because if you do, you should tell us, it would help us to deal with your questions in a more appropriate manner.

In other distros like Red Hat you can do:
Code:

# yum install iptables-services
# service iptables stop

But I can't find it in Debian.

!!! 09-24-2017 04:04 AM

Try: ufw reload
(from clicking that ddg link)

Shadow_7 09-24-2017 04:13 AM

It's probably in iptables-persistent, which uses /etc/iptables/rules.v4 to make your (IPv4) rules persistent. Most times I have a script that sets my rules, which clears all rules as the first step. But that's probably not best practice if connected to the internet on a high-speed connection.

# iptables -t nat -F
# iptables -t nat -X
# iptables -F
# iptables -X

To flush and clear/delete ALL the rules. Well, almost all: there's also mangle, filter, raw, and probably other tables besides nat, although they're not used much in consumer land.

!!! 09-24-2017 04:30 AM

From the "Similar Threads" section at the bottom of all LQ posts,
https://www.linuxquestions.org/quest...6/#post5640900
all those iptables commands just store stuff in the kernel. There's no process (to restart)!!!

jlinkels 09-24-2017 05:10 AM

My preference is still to set up a shell script which contains all iptables commands. Starting with disabling forwarding, setting the default policies for all tables and flush the tables. And then set up every rule.

Advantages of this approach are that every time you run your script you are assured to start from a fresh, known state. You can create variables to make your script more readable and make changes in one place if you have to change one setting in a lot of places. And you can build in conditionals.

There are many examples on the internet on how to create firewall scripts.

jlinkels

hack3rcon 09-24-2017 05:57 AM

So, restarting it is impossible?

Turbocapitalist 09-24-2017 07:22 AM

There is no "start" or "restart" in iptables. There is only the set of chains of rules held in memory. If you want to clear the chains, then clear the chains:

Code:

ip6tables --policy INPUT  ACCEPT;
ip6tables --policy OUTPUT  ACCEPT;
ip6tables --policy FORWARD ACCEPT;

ip6tables -Z; # zero counters
ip6tables -F; # flush (delete) rules
ip6tables -X; # delete all extra chains


iptables --policy INPUT  ACCEPT;
iptables --policy OUTPUT  ACCEPT;
iptables --policy FORWARD ACCEPT;

iptables -Z; # zero counters
iptables -F; # flush (delete) rules
iptables -X; # delete all extra chains

That will give you a blank slate with no rules in the kernel; from there you can load new ones.

hack3rcon 09-25-2017 01:09 AM

Quote:

Originally Posted by Turbocapitalist (Post 5762289)
There is no "start" or "restart" in iptables. There is only the set of chains of rules held in memory. If you want to clear the chains, then clear the chains:

Code:

ip6tables --policy INPUT  ACCEPT;
ip6tables --policy OUTPUT  ACCEPT;
ip6tables --policy FORWARD ACCEPT;

ip6tables -Z; # zero counters
ip6tables -F; # flush (delete) rules
ip6tables -X; # delete all extra chains


iptables --policy INPUT  ACCEPT;
iptables --policy OUTPUT  ACCEPT;
iptables --policy FORWARD ACCEPT;

iptables -Z; # zero counters
iptables -F; # flush (delete) rules
iptables -X; # delete all extra chains

That will give you a blank slate with no rules in the kernel; from there you can load new ones.

"restart" is impossible in Debian?

!!! 09-25-2017 01:45 AM

Yes, but there may be an iptables-restore < file; see here: https://wiki.debian.org/iptables
and more here: https://wiki.debian.org/DebianFirewall

Or you can 'forget' iptables entirely, and use ufw (I think!!!): https://www.digitalocean.com/communi...n-cloud-server

There is no concept of "reload/restart" for this kernel ip fw "table".
This *table* is not a process, so it cannot be stopped/started/restarted
(like a data array in memory cannot be ditto)

Sefyir 09-25-2017 01:45 AM

Quote:

Originally Posted by hack3rcon (Post 5762556)
"restart" is impossible in Debian?

Drop all existing rules and set default routes to "ACCEPT"
Then load all existing rules from a script or some file.

That is what would be a "restart" for iptables.
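The flush-then-reload sequence that Turbocapitalist, jlinkels and Sefyir describe, written out as one script. This is an added example, not code from the thread: it assumes the iptables-persistent file paths /etc/iptables/rules.v4 and rules.v6 (override with RULES_V4/RULES_V6), and IPT_DRY_RUN=1 prints the commands instead of running them so the logic can be checked without root.

```shell
#!/bin/sh
# Added example: a Debian "iptables restart" done as flush + reload.
# Assumed paths: the iptables-persistent defaults, overridable via environment.
RULES_V4="${RULES_V4:-/etc/iptables/rules.v4}"
RULES_V6="${RULES_V6:-/etc/iptables/rules.v6}"

# Execute a command, or just print it when IPT_DRY_RUN=1 (no root needed).
run() {
    if [ "${IPT_DRY_RUN:-0}" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Return iptables or ip6tables to a blank, permissive slate.
# Policies go to ACCEPT *before* the flush: with a DROP policy still in place,
# deleting the rule that allows your SSH session would lock you out.
reset_tables() {
    tool="$1"
    for chain in INPUT OUTPUT FORWARD; do
        run "$tool" --policy "$chain" ACCEPT
    done
    # Flush rules, delete user chains and zero counters in every table,
    # not only the default filter table that a bare "iptables -F" touches.
    for table in filter nat mangle raw; do
        run "$tool" -t "$table" -F
        run "$tool" -t "$table" -X
        run "$tool" -t "$table" -Z
    done
}

# Reload the saved ruleset. iptables-restore applies the whole file or nothing,
# so a syntax error leaves the (now empty, ACCEPT) tables rather than half a set.
reload_tables() {
    tool="$1"; file="$2"
    if [ ! -r "$file" ]; then
        echo "warning: $file missing; $tool left with empty ACCEPT tables" >&2
        return 1
    fi
    if [ "${IPT_DRY_RUN:-0}" = "1" ]; then
        printf '%s < %s\n' "${tool}-restore" "$file"
    else
        "${tool}-restore" < "$file"
    fi
}

# The "restart": reset both address families, then reload both rule files.
restart_firewall() {
    reset_tables iptables   && reset_tables ip6tables
    reload_tables iptables "$RULES_V4"; reload_tables ip6tables "$RULES_V6"
}
```

Run restart_firewall as root once the rules files exist; a dry run with IPT_DRY_RUN=1 first shows exactly which commands will be issued.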

Turbocapitalist 09-25-2017 02:14 AM

Quote:

Originally Posted by hack3rcon (Post 5762556)
"restart" is impossible in Debian?

Correct. It is impossible in all Linux-based operating systems, not just Debian GNU/Linux. See the various comments above for different phrasing of the same message.

What are you really trying to do there?

Shadow_7 09-25-2017 01:12 PM

Quote:

Originally Posted by hack3rcon (Post 5762272)
So, restarting it is impossible?

It depends on how you define impossible or define restart. You can clear the rules, and unload the kernel modules (if they were compiled as modules). And then reload the modules. And reload the rules. Not really a restart though. And no simple or automated way to do that outside of a reboot.

hack3rcon 10-01-2017 10:54 AM

Quote:

Originally Posted by Shadow_7 (Post 5762837)
It depends on how you define impossible or define restart. You can clear the rules, and unload the kernel modules (if they were compiled as modules). And then reload the modules. And reload the rules. Not really a restart though. And no simple or automated way to do that outside of a reboot.

But as I said, Red Hat can do it!!! Am I wrong?


All times are GMT -5.