December 2018
Beginner
826 pages
22h 54m
English
Content preview from Linux Administration Cookbook
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
There's more...
If you make changes with firewall-cmd or ufw, you can generally save the running config to the persistent config at the same time.
With iptables, we want to use iptables-save to modify our saved configuration, and ensure that it starts at boot:
$ sudo iptables-save# Generated by iptables-save v1.4.21 on Sun Aug 19 15:04:14 2018*filter:INPUT DROP [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [3:236]-A INPUT -i eth1 -p tcp -m tcp --dport 22 -j DROP-A INPUT -s 10.0.2.0/24 -p tcp -m tcp --dport 22 -j ACCEPT-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPTCOMMIT# Completed on Sun Aug 19 15:04:14 2018
This is all fine and dandy, except it's printed the configuration to standard out instead of saving it somewhere. Let's fix ...