Rules created with the iptables command are stored in memory. If the
system is restarted before the iptables rule set is saved, all rules are
lost. For netfilter rules to persist through a system reboot, they need
to be saved. To do this, log in as root and type:
/sbin/service iptables save
This executes the iptables initscript,
which runs the /sbin/iptables-save program
and writes the current iptables
configuration to /etc/sysconfig/iptables.
The existing /etc/sysconfig/iptables file
is saved as /etc/sysconfig/iptables.save.
The next time the system boots, the iptables init script reapplies the rules saved in
/etc/sysconfig/iptables by using the
/sbin/iptables-restore command.
While it is always a good idea to test a new iptables rule before committing it to the /etc/sysconfig/iptables file, it is possible to
copy iptables rules into this file from
another system's version of this file. This provides a quick way to
distribute sets of iptables rules to
multiple machines.

Important
If distributing the /etc/sysconfig/iptables file to other machines,
type /sbin/service iptables restart for
the new rules to take effect.
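
The following is an added example, not part of the original documentation: a pre-install check for a rules file copied from another machine, run before it replaces /etc/sysconfig/iptables. The function names lint_rules and install_rules and the IPTABLES_RESTORE override variable are hypothetical.

```shell
#!/bin/sh
# Added example; function names and IPTABLES_RESTORE are hypothetical.

# lint_rules FILE: unprivileged structural check of an iptables-save file.
# Each "*table" section must end with COMMIT; rules must sit inside a section.
lint_rules() {
    awk '
        /^#/ || /^[ \t]*$/ { next }                 # comments and blank lines
        /^\*/ { if (in_table) { print "line " NR ": previous table not committed"; bad = 1 }
                in_table = 1; tables++; next }
        /^COMMIT$/ { if (!in_table) { print "line " NR ": COMMIT outside a table"; bad = 1 }
                     in_table = 0; next }
        /^:/ || /^-/ || /^\[/ {                     # chain policy, rule, counters
                if (!in_table) { print "line " NR ": rule outside a table"; bad = 1 }
                next }
        { print "line " NR ": unrecognized line"; bad = 1 }
        END { if (in_table) { print "last table has no COMMIT (truncated?)"; bad = 1 }
              if (!tables) { print "no tables found"; bad = 1 }
              exit (bad ? 1 : 0) }
    ' "$1" >&2
}

# install_rules FILE [TARGET]: lint, parse-check, back up, then copy into place.
install_rules() {
    src=$1
    target=${2:-/etc/sysconfig/iptables}
    restore=${IPTABLES_RESTORE:-/sbin/iptables-restore}
    lint_rules "$src" || return 1
    if [ -x "$restore" ]; then
        # --test parses and builds the rule set without committing it
        "$restore" --test < "$src" || return 1
    else
        echo "note: $restore not found, parse check skipped" >&2
    fi
    # Keep the previous file as TARGET.save, as the initscript does on save
    if [ -f "$target" ]; then
        cp -p "$target" "$target.save" || return 1
    fi
    cp "$src" "$target" && chmod 600 "$target"
}
```

After install_rules succeeds on the real target, /sbin/service iptables restart is still needed for the new rules to take effect.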