Jump to: navigation, search

OSL740 Lab 7

4 bytes added, 7 August
Part 3: Making iptables Policies Persistent
# Delete the rule in your '''INPUT''' and '''FORWARD''' chains that '''REJECT'''s any traffic you haven't '''ACCEPT''ed. You are better protected by the default '''DROP''' policy you set.
#To make the iptables rules '''persistent''' (i.e. keeps rules when system restarts), you issue the command: <b><code><span style="color:#3366CC;font-size:1.2em;">sudo sh -c 'iptables-save > /etc/sysconfig/iptables'</span></code></b> (NOTE: redirections happen before the actual command execution and don't run with the elevated sudo privileges, therefore we need to use 'sh -c')
<!-- [Ahad Mammadov] Added sh -c to skip the next step, and keep kept it here in case it's needed to restorebe restored
#You will notice that even when running the command with sudo, it isn't letting you write to <b><code><span style="color:#3366CC;font-size:1.2em;">/etc/sysconfig/iptables</span></code></b>. Use <b><code><span style="color:#3366CC;font-size:1.2em;">sudo -i</span></code></b>, then try to save them again. When done, log out of root user (exit sudo).-->
# Verify that the file '''/etc/sysconfig/iptables''' exists.

Navigation menu