Shulou(Shulou.com)06/01 Report--

In this article, the editor introduces in detail "what is the persistence method of iptables rules", the content is detailed, the steps are clear, and the details are handled properly. I hope that this article "what is the persistence method of iptables rules" can help you solve your doubts.

Persistence of iptables rules

Set firewall rules

Iptables-An INPUT-s 1.1.1.1.1According 32-p tcp-m tcp-- dport 22-j DROPiptables-An INPUT-s 2.2.2.2 Plus 32-p tcp-m tcp-- dport 22-j DROPiptables-An INPUT-s 3.3.3.3Compare 32-p tcp-m tcp-- dport 22-j DROPiptables-An INPUT-s 4.4.4.4Universe 32-p tcp-m tcp-- dport 22-j DROP

Save firewall rules

Iptables-save > / etc/sysconfig/iptables

Set iptables rules for automatic recovery of boot

Vim / etc/rc.d/rc.localiptables-restoreiptables shutdown and automatic save

Clear the firewall rules first

Iptables-F

Save the iptables rules, that is, empty the / etc/sysconfig/iptables file

Iptables-save > / etc/sysconfig/iptables

Generate some iptables rules manually

Iptables-An INPUT-s 1.1.1.1.1According 32-p tcp-m tcp-- dport 22-j DROPiptables-An INPUT-s 2.2.2.2 Plus 32-p tcp-m tcp-- dport 22-j DROPiptables-An INPUT-s 3.3.3.3Compare 32-p tcp-m tcp-- dport 22-j DROPiptables-An INPUT-s 4.4.4.4Universe 32-p tcp-m tcp-- dport 22-j DROP

Check whether the iptables rule is in effect

[root@ecs-7740 init.d] # iptables-nvLChain INPUT (policy ACCEPT 27 packets 1978 bytes) pkts bytes target prot opt in out source destination0 0 DROP tcp-- * * 1.1.1.1 0.0.0.0 tcp dpt:220 0 DROP tcp-- * * 2.2.2.2 0.0.0.0 tcp dpt:220 0 DROP tcp-- * * 3.3.3.3 0.0.0.0 tcp dpt:220 0 tcp dpt:22-- * * 4.4.4.4 0.0.0.0 tcp dpt:22

Set the iptables rule to automatically save the script to be executed when the shutdown is created, and make sure it has the permission to execute it.

Vim / etc/init.d/shutdownshiptables-save > / etc/sysconfig/iptableschmod + x / etc/sysconfig/shutdownshls / etc/sysconfig/shutdownsh-rwxr-xr-x 1 root root 40 Jan 16 22:05 shutdownsh

Create a soft connection file to the rcN.d path, and N is the running level

Ln-s / etc/init.d/shutdownsh / etc/rc6.d/K01shutdownshln-s / etc/init.d/shutdownsh / etc/rc0.d/K01shutdownshln-s / etc/init.d/shutdownsh / var/lock/subsys/

Note: the above method (create an empty file or a soft connection in / var/lock/subusys, it is only valid for the first shutdown or restart, and the files under / var/lock/subsys will automatically disappear after reboot, so the script cannot be executed at the second shutdown or restart)

After reading this, the article "what is the persistence method of iptables rules" has been introduced. If you want to master the knowledge points of this article, you still need to practice and use it yourself. If you want to know more about related articles, welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.