How to permanently set iptables rules
How do I save my iptables rules? I used iptables-save but after reboot they were gone. Can I just add everything to my /etc/rc.d/rc.local so it sets on boot?
|
You just have to write your iptables rules in /etc/rc.d/rc.firewall (create the file if it does not exist) and make it executable.
Paragraph "Setup a Firewall" of http://docs.slackware.com/howtos:sec...basic_security |
You can use iptables-save, but you'll have to use iptables-restore after you reboot to put your rules into effect again. I would/do use an /etc/rc.d/rc.firewall script. AlienBob has an excellent script generator here.
|
Quote:
Code:
#!/bin/sh |
Quote:
|
Quote:
Just to keep Slackware CD/DVD install self sufficient. |
I don't need anything complicated, just these 5 rules.
Can I just put this into rc.firewall:
Code:
#!/bin/sh
# Masquerade everything leaving via eth0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Forward SSH and HTTP arriving on wlan0 to 192.168.200.100
iptables -t nat -A PREROUTING -p tcp -i wlan0 --dport 22 -j DNAT --to 192.168.200.100
iptables -t nat -A PREROUTING -p tcp -i wlan0 --dport 80 -j DNAT --to 192.168.200.100
# Allow the forwarded connections through the FORWARD chain
iptables -A FORWARD -p tcp -d 192.168.200.100 --dport 22 -j ACCEPT
iptables -A FORWARD -p tcp -d 192.168.200.100 --dport 80 -j ACCEPT
|
Why not in rc.local?
|
Quote:
In "/etc/rc.d/rc.inet2":
Code:
# If there is a firewall script, run it before enabling packet forwarding.
Code:
#!/bin/sh |
I used to put all the post-configuration scripts in rc.local; thus I need to see one file only, and it will contain all the changes and configuration on my system.
But then, it's a matter of preference :) |
Quote:
Code:
#!/bin/sh
Code:
#!/bin/sh
Cheers, Niki |
Quote:
Code:
function stop() |
If you want to save iptables rules and use ppp or pppoe on the system where you want to save the rules, you could do it like me. I have all my iptables stuff in /etc/ppp/firewall-masq; that's a standard file that pppoe-setup will ask if you want to use.
|
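The two suggestions made in the thread (keep the rules in an executable /etc/rc.d/rc.firewall, and pair iptables-save with iptables-restore) can be combined in one script. This is an added example, not any poster's code; the rules file path /etc/iptables.rules, the start/restart/save argument names and the overridable IPT_SAVE/IPT_RESTORE variables are assumptions.

```shell
#!/bin/sh
# /etc/rc.d/rc.firewall (added example; path and argument names assumed)
RULES=${RULES:-/etc/iptables.rules}          # hypothetical rules file
IPT_SAVE=${IPT_SAVE:-iptables-save}
IPT_RESTORE=${IPT_RESTORE:-iptables-restore}

# Dump the running ruleset to $RULES, root-only and never half-written.
fw_save() {
  tmp="$RULES.tmp.$$"
  ( umask 077; $IPT_SAVE > "$tmp" ) || { rm -f "$tmp"; return 1; }
  # An empty dump would mean "no rules" at the next boot: keep the old file.
  [ -s "$tmp" ] || { rm -f "$tmp"; return 1; }
  mv -f "$tmp" "$RULES"
}

# Load $RULES at boot.
fw_start() {
  [ -r "$RULES" ] || { echo "rc.firewall: cannot read $RULES" >&2; return 1; }
  # This file is applied as root, so refuse it if group or others can write it.
  if [ -n "$(find "$RULES" \( -perm -020 -o -perm -002 \) -print)" ]; then
    echo "rc.firewall: $RULES is group/world-writable, not loading" >&2
    return 1
  fi
  # Parse-only pass first: iptables-restore commits table by table, so an
  # error in a later table would otherwise leave earlier tables applied.
  $IPT_RESTORE --test < "$RULES" || return 1
  $IPT_RESTORE < "$RULES"
}

case "${1:-}" in
  start|restart) fw_start ;;
  save)          fw_save ;;
  "")            ;;   # no argument: only define the functions
  *)             echo "usage: $0 {start|restart|save}" >&2 ;;
esac
```

Run it with `save` after changing rules interactively; the appended `-A` rules from the question then end up in the file once, instead of being appended again each time the script runs.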