The iptables entries are lost upon reboot with a standard configuration, but they can be reapplied on boot with the right script.
Create a script named iptables in the /etc/network/if-up.d directory.
jason@hoshi:~$ sudo touch /etc/network/if-up.d/iptables
[sudo] password for jason:
Put this in it.
#!/bin/sh
iptables-restore < /etc/iptables.conf
Then make it executable to allow it to work correctly.
jason@hoshi:~$ sudo chmod +x /etc/network/if-up.d/iptables
Then create the iptables.conf file in the /etc directory and put your iptables rules in it.
#!/bin/sh
iptables-restore < /etc/iptables.conf
root@ip-172-31-20-16:/etc/network/if-up.d# cd
root@ip-172-31-20-16:~# cd /etc/
root@ip-172-31-20-16:/etc# cat iptables.conf
# Generated by iptables-save v1.4.21 on Sun Feb 22 04:46:42 2015
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 52.63.195.144
COMMIT
# Completed on Sun Feb 22 04:46:42 2015
# Generated by iptables-save v1.4.21 on Sun Feb 22 04:46:42 2015
*filter
:INPUT ACCEPT [623:72495]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [604:165720]
COMMIT
# Completed on Sun Feb 22 04:46:42 2015
This will put these iptables entries into the firewall upon each boot of the system.
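A more defensive variant of the if-up.d script above, as an added example that is not part of the original post: it refuses a rules file that is not root-owned or is writable by others, and validates the file with iptables-restore --test before applying it. The names RULES, RESTORE, EXPECT_UID and load_rules are introduced here for illustration; the default paths are the ones used in the post.

```shell
#!/bin/sh
# Added example (not the original post's script): a more defensive
# /etc/network/if-up.d/iptables. RULES, RESTORE and EXPECT_UID are
# names introduced here; the defaults match the paths used in the post.
RULES="${RULES:-/etc/iptables.conf}"
RESTORE="${RESTORE:-iptables-restore}"
EXPECT_UID="${EXPECT_UID:-0}"   # rules file must belong to root

load_rules() {
    # 1: rules file missing or unreadable
    if [ ! -f "$RULES" ] || [ ! -r "$RULES" ]; then
        echo "iptables: $RULES missing or unreadable" >&2
        return 1
    fi
    # 2: this file is loaded as root on every boot, so only root may
    #    own it and nobody else may write to it
    meta=$(ls -ldn "$RULES")
    perms=$(printf '%s\n' "$meta" | awk '{print $1}')
    owner=$(printf '%s\n' "$meta" | awk '{print $3}')
    case "$perms" in
        ?????w*|????????w*)
            echo "iptables: $RULES is group/world writable" >&2
            return 2 ;;
    esac
    if [ "$owner" != "$EXPECT_UID" ]; then
        echo "iptables: $RULES not owned by uid $EXPECT_UID" >&2
        return 2
    fi
    # 3: parse without committing; a syntax error in a later table
    #    can otherwise leave earlier tables loaded and the rest not
    if ! "$RESTORE" --test < "$RULES"; then
        echo "iptables: $RULES failed validation, not applied" >&2
        return 3
    fi
    # Apply for real (flushes and replaces the listed tables)
    "$RESTORE" < "$RULES"
}

# ifupdown exports IFACE to hook scripts; only act when run as a hook
if [ -n "${IFACE:-}" ]; then
    load_rules
fi
```

The rules file should be created as root with mode 600 or 644 (for example with sudo chmod 600 /etc/iptables.conf), otherwise this script will refuse to load it.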