PDA

View Full Version : iptables-restore under f18



hobert
3rd October 2012, 05:40 PM
Hello! I set up my iptables in fedora 18, saved them to "/etc/iptables.save" and wanted to add the "iptables-restore" command in /etc/rc.local... Well the file doesn't exist anymore under that path - where can I now put this restore-command so that my iptables are being loaded with every boot - preferable before network starts.

greets hobert

DBelton
3rd October 2012, 08:53 PM
Fedora 18 isn't using iptables by default anymore. It has switched and is now using firewalld.

Have you changed yours to use iptables instead? If not, it doesn't make a difference where you put your iptables rules, because iptables isn't running.

hobert
3rd October 2012, 09:34 PM
thanks for your input! just red about firewalld - dynamic sounds great! there is - until now (or due to my poor search qualities) nothing to be found on how to configure firewall with firewall-cmd. Is there any way on how to migrate my 'old static iptable' rules?

DBelton
3rd October 2012, 09:52 PM
I haven't found any way to migrate iptables rules into firewalld, but would be very interested in finding a way as well. (Edit: you can configure firewalld using firewall-config which is a GUI interface)

Chances are, though, on my main machines, I will be remaining with iptables until I am certain firewalld is going to do what I need and be secure. I will only be using firewalld on my test machines until then.

also, I am moving this over into the F18 thread so it will be seen by people that are doing more of the testing on F18 that may not see it in the general support thread

hobert
4th October 2012, 09:25 AM
thanks again! would you be so kind and explain how to use iptables instead? I'm not as comfortable with using the gui... wish you all the best!

DBelton
4th October 2012, 04:31 PM
You should be able to go back to iptables by disabling firewalld and enabling iptables.



systemctl disable firewalld.service
systemctl stop firewalld.service

systemctl enable iptables.service
systemctl enable ip6tables.service
systemctl start iptables.service
systemctl start ip6tables.service

hobert
5th October 2012, 08:51 AM
thanks for the information!