iptables has amnesia :-)

Don Russell fedora at drussell.dnsalias.com
Mon Aug 20 20:48:08 UTC 2007


Mikkel L. Ellertson wrote:
> Don Russell wrote:
>   
>> Twice now, I've applied new rules using iptables -I... to accept
>> specific traffic, and each time those rules "disappeared" a little while
>> later...
>>
>> I don't see anything in "man iptables" like "... and don't you forget it!"
>> (Of course maybe I missed it...)
>>
>> This is FC7.... using the cli iptables commands from root.... I also
>> used webmin with the same effect.
>>
>> Why are the new rules not remembered?
>>
>> Thanks
>>
>>     
> If you are talking about the rules not surviving a reboot, try
> running "service iptables save" and/or "service ip6tables save". If
> you want the changes saved automatically, edit
> /etc/sysconfig/iptables.conf and change
> IPTABLES_SAVE_ON_RESTART="no" to  IPTABLES_SAVE_ON_STOP="yes". Do
> the same for /etc/sysconfig/ip6tables.conf.
>
> Mikkel
>   

ah... that's good to know... BUT.... in neither case have I restarted 
the system....

I'll have a look at that config file though and see if there are any 
clues. :-)

Maybe what I need to do (as you suggest) is "service iptables save" 
after adding the rules and verifying they work correctly.

(I looked at the webmin method specifically for some form of "save these 
rules", but there is only "apply these rules", which I did need to do)
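
A check for the situation discussed in this thread, as an added example that is not part of the original messages: it compares a dump of the running ruleset (iptables-save format) with a saved rules file and lists the rules that exist only in memory. The function names and both sample dumps are constructed for illustration, and the saved-file path in the usage comment is an assumption (on Fedora the saved rules normally live in /etc/sysconfig/iptables).

```shell
#!/bin/sh
# Added example: list rules in the running ruleset that are not in the saved file.

# Reduce an iptables-save dump to "table: rule" lines. Comments, chain
# headers and COMMIT are dropped, and the [packets:bytes] counters that
# "iptables-save -c" prepends are stripped so they do not cause false diffs.
normalize() {
    awk '
        /^\*/ { table = substr($0, 2); next }
        /^(\[[0-9]+:[0-9]+\] )?-A / {
            sub(/^\[[0-9]+:[0-9]+\] /, "")
            print table ": " $0
        }
    ' "$1"
}

# Print rules found in $1 (running dump) that are absent from $2 (saved dump).
unsaved_rules() {
    saved_tmp=$(mktemp) || return 2
    normalize "$2" > "$saved_tmp"
    normalize "$1" | grep -Fxv -f "$saved_tmp" || true   # no output = no drift
    rm -f "$saved_tmp"
}

# Constructed sample: the saved file, written before the new rule was added.
sample_saved() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Constructed sample: running ruleset after an "iptables -I INPUT ..." insert.
sample_running() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [12:840]
[3:180] -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
[40:2900] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
[1:60] -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Usage (as root): iptables-save -c > running.txt
#                  sh this_script.sh running.txt /etc/sysconfig/iptables
if [ $# -eq 2 ]; then unsaved_rules "$1" "$2"; fi
```

Any line it prints is a rule that has not been written to the saved file yet.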





