[aklug] Re: saving iptables rules on Ubuntu

From: Joshua J. Kugler <joshua@eeinternet.com>
Date: Wed Oct 12 2011 - 10:55:18 AKDT

On Wednesday, October 12, 2011, Christopher Howard elucidated thus:
> On 10/12/2011 12:39 AM, Joshua J. Kugler wrote:
> > On Tuesday, October 11, 2011, Christopher Howard elucidated thus:
> >> The official community doc just says to use the
> >> iptables-save command, but I think that only drops the rules to
> >> STDOUT.
> >
> > Right, which dumps them in a format that can then be fed to
> > iptables-restore. That's exactly the way you want to save them.
> > Where/how would you save them otherwise?
> >
> > j
>
> Right, that is of course the mechanism used to save and restore. But
> of course someone has to decide where the data is saved to and
> restored from, and during what part of the boot process this
> happens. Presumably this would be done by an init script, but I
> cannot find an init script named "iptables", so I am wondering if I
> need to add one myself, or if it has a different name, or...?
>
> Furthermore, I am wondering: if I can find no "iptables" init script,
> how do I even control whether or not the iptables service is starting
> at boot?

Ah, I see what you mean now. I've never started/stopped iptables at
boot/shutdown. I've always used a higher-level interface, such as
Shorewall.

What distribution are you using? On a RHEL5 system I admin, there is
an 'iptables' script in /etc/init.d, owned by the iptables package. The
Debian package does not seem to have this. But even the RHEL init
script does not seem to use iptables-save/restore.

j

-- 
Joshua Kugler
Part-Time System Admin/Programmer
http://www.eeinternet.com - Fairbanks, AK
PGP Key: http://pgp.mit.edu/  ID 0x73B13B6A
Received on Wed Oct 12 10:55:33 2011