Save iptables rules under ubuntu and automatically load them at boot time:
Saving iptables Save settings
After the machine restarts, the configuration information in iptables will be cleared. You can save these configurations and let iptables load automatically at startup, saving you from having to re-enter each time. Iptables-save and iptables-restore are used to save and restore settings.
Configuration onstartup Boot Autoload Configuration
Save firewall rules to /etc/iptables.up.rules file first
# iptables-save > /etc/iptables .up.rules #requires sudo su - root to switch users after execution, directly sudo cmd is not working
Then modify the/etc/network/interfacesscript to apply the rulesautomatically (the bottom line is added)
Then modify the script /etc/network/interfaces so that the system can automatically apply these rules (the last line is manually added by us).
auto eth0
iface eth0 inet dhcp
pre-up iptables-restore < /etc/iptables.up.rules
When the network interface is down After that, you can have iptables use a different set of rules.
auto eth0
iface eth0 inet dhcp
pre-up iptables-restore < /etc/iptables.up.rules
post-down iptables -restore < /etc/iptables.down.rules
Tips Tips
If you frequently edit iptables manually
Most people don’t need to change their firewall rules often Therefore, as long as the previous introduction, the firewall rules can be established. But if you want to change the firewall rules frequently to make it more complete, you may want the system to save the firewall settings before each reboot. To do this, you can add a line to the /etc/network/interfaces file:
pre-up iptables-restore < /etc/iptables.up.rules
post-down iptables-save > /etc/iptables.up.rules
The line "post-down iptables-save > /etc/iptables.up.rules"will save the rules to be used on the next boot.< Br>
"post-down iptables-save > /etc/iptables.up.rules" will save the settings for use at the next startup.
Usingiptables-save/restore to test rules Using iptables-save/restore to test rules
Using iptables-save and iptables-restore makes it easy to modify and test firewall rules. First run iptables-save to save the rule to a file and then edit the file with an editor.
# iptables-save > /etc/iptables.test.rules
# gedit /etc/iptables.test.rules
If you built it according to the previous example Firewall rules, iptables-save will produce a file similar to the following:
# Generated by iptables-save v1.3.1 on Sun Apr 2306:19:53 2006
*filter
:INPUT ACCEPT [368:102354]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [92952:20764374]
-A INPUT - m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p Tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log -prefix"iptables denied: " --log-level 7
-A INPUT -j Drop
COMMIT
# Completed on Sun Apr 23 06:19:53 2006
The contents of the file are actually various iptables commands, except that the command name iptables is omitted. Feel free to edit this file and save it. Then test the modified rules with the following command:
# iptables-restore < /etc/iptables.test.rules
Before you added the /etc/network/interfaces file The iptables-save command, after the test, don't forget to save your changes.
# iptables-save > /etc/iptables.up.rules
Added: Backup and restore of iptables firewall rules
First, save iptables rules to a file # Sudo iptables-save > /etc/iptables.up.rules
Then, modify the /etc/network/interfaces script to automatically apply these rules (the last line is added) sudo echo "pre-up iptables- Restore < /etc/iptables.up.rules" >> /etc/network/interfaces
You can also prepare a set of rules to apply it automatically:
First, save the iptables rules Go to a file # sudo iptables-save > /etc/iptables.up.rules Then, modify the /etc/network/interfaces script to automatically apply these rules (the last line is added)
sudo echo "pre -up iptables-restore < /etc/iptables.up.rules" >> /etc/network/interfaces You can also prepare a set of rules to apply it automatically:
sudo echo " pre-up Iptables-restore < /etc/iptables.up.rules" >>/etc/network/interfaces sudo echo "post-down iptables-restore < /etc/iptables.down.rules " >> /etc/network/interfaces
The above method has been tested in Ubuntu 12.04 and is in effect.
sudo echo " pre-up iptables-restore < /etc/iptables.up.rules" >>/etc/network/interfaces sudo echo "post-down iptables-restore < /Etc/iptables.down.rules " >> /etc/network/interfaces The above method has been tested in Ubuntu 12.04 and is in effect.
Command (command) information detailed This article address: http://blog.csdn.net/caroline
Today, Xiaobian is a beginner Linux developer to explain how to install Linux. Here Xiaobian
The introduction of the information age has brought great convenience and benefits to our l
Method for installing RPM format package in Ubuntu system
Inux virtual machine network configuration method and solution to the problem
Linux command after the run -nohup
Exit command--Linux command application big dictionary 729 command interpretation
How to run the process in Linux
How to make software packages under Linux system
Xinxing finishing Linux part of the commonly used command
Hard disk mount in linux system
Ubuntu system Grub failure how to do
Solve linux64 bit installation jpeg error make:./libtool:Commandnotfound
How can Win7 Bluetooth not directly transfer files?
What if the win7 system disk does not display an unlabeled volume?
Windows System Group Policy Application Raiders (Top)
APP culminating in the power consumption of the mobile phone
Jump Lists for Windows 7 Taskbar Development
Using the trick to figure out the Trojan virus behind the picture
How to restore win10 to win8.1 How to restore win10 to win8.1
Win8 method for changing desktop application icon image