Technicus stultissimus: IPtables primer -save configuration

Saturday, July 3, 2010

IPtables primer -save configuration

Source
Saving your configuration
Now that you have iptables set up the way you like, how do you save your changes ?

Method 1 "iptables-save"

With iptables-save and iptables-restore
Save your configuration to /etc/iptables.rules

iptables-save > /etc/iptables.rules

To restore, edit /etc/rc.local and add this command anywhere above the line "exit 0"

iptables-restore < /etc/iptables.rules

Note: No need for sudo in that command, /etc/rc.local runs at root at the time of boot.

See Ubuntu Wiki IPtables for tips on using iptables scripts and also in conjunction with Network Manager

Method 2 - Debian / Ubuntu : Add a line to /etc/network/interfaces.

With this method you will need to save your rules ( with iptables-save > /etc/iptables.save ) as above. Then disable NetworkManager and manually configure your network.
As you do these steps you will temporarily loose your internet connection.
Start by removing Network Manager:

sudo apt-get remove -purge network-manager network-manager-gnome

Stop networking:

service networking stop

Using any editor, open /etc/network/interfaces. We will use dhcp or a static IP address, and add a line "post-up" to bring our iptables rules up.

DHCP :

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp
post-up /sbin/iptables-restore /etc/iptables.save

Static IP :

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.0.10
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
post-up /sbin/iptables-restore /etc/iptables.save

Using any editor, edit /etc/resolv.conf and add in your nameserver :

nameserver 192.168.0.1

Restart networking :

sudo service network start

Method 3 - Fedora / Centos.

With Fedora or Centos you can simiply save your changes (as root) with :

service iptables save

This command saves your current iptables rules and they will be restored on (re)boot.

Method 4 - Use a command line or graphical tools.

There are several tools to help manage your firewall. In Debian/Ubuntu use UFW / GUFW. On Fedora Desktops use the graphical tool (in the menu). Alternately you may use any number of tools to configure your firewall.

Apple	Atari	Commodore	Data General	DEC	Honeywell
Hewlett Packard	IBM	NCR	Olivetti	Sinclair	Sun Microsystem
Silicon Graphics	Unisys	Mattel	Amstrad	Altre marche	Hardware
Calcolatrici	Fuori categoria	Pubblicita	Documentazione	Software	Lista

Technicus stultissimus

Bienvenido! - Willkommen! - Welcome!

Saturday, July 3, 2010

IPtables primer -save configuration

Method 1 "iptables-save"

Method 2 - Debian / Ubuntu : Add a line to /etc/network/interfaces.

Method 3 - Fedora / Centos.

Method 4 - Use a command line or graphical tools.

No comments:

Labels

Pages

Tux & Cía. -Ventas

Search This Blog

Tux & Cía.

Amenazas Informáticas

Browsers&Security Tests

Diseño Gráfico

Basic Data Management

Windows Updates

Network tools

Forums - Foren - Foros

Which Security SW do you use?

[Your PC]

Piador

Me and Linus Torvalds' work

Free&Open Source SW

Blog Archive

Labels

Comics

About Me

Nerd or Dren?

Live Traffic Map

useful LX commands

Recommended

Networking Technique - Computer Technologies - Commputer Archeology

Computer Museum

The Power of Knowledge-El Poder del Conocimiento-Die Macht des Wissens

Visitantes-Besucher-Visitors