3

I am trying to white list CloudFlare's IP addresses on my server by issuing these:

iptables -N whitelist
iptables -A whitelist -s 204.93.177.0/24 -j ACCEPT
iptables -A whitelist -s 199.27.128.0/21 -j ACCEPT
iptables -A whitelist -s 173.245.48.0/20 -j ACCEPT
iptables -A whitelist -s 103.22.200.0/22 -j ACCEPT
iptables -A whitelist -s 141.101.64.0/18 -j ACCEPT
iptables -A whitelist -s 108.162.192.0/18 -j ACCEPT

and when I type: iptables -L I see:

Chain whitelist (0 references)
target     prot opt source               destination
ACCEPT     all  --  network/24           anywhere
ACCEPT     all  --  199.27.128.0/21      anywhere
ACCEPT     all  --  173.245.48.0/20      anywhere
ACCEPT     all  --  103.22.200.0/22      anywhere
ACCEPT     all  --  141.101.64.0/18      anywhere
ACCEPT     all  --  108.162.192.0/18     anywhere

Then I restart iptables by doing service iptables restart. However, nothing changed and it didn't white list those IPs :( Am I missing something?

Jeff Ferland

1 Answer

8

You need to save the configuration before restarting. On Red Hat systems, this goes in /etc/sysconfig/iptables. The easiest way to do this is:

  • Issue your commands
  • Run iptables -L to check the config
  • Run service iptables save
  • Run service iptables restart to reload
  • Check the config again with iptables -L
malcolmpdx
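Added example (not part of the original question or answer): the listing in the question shows "Chain whitelist (0 references)", meaning no rule jumps to that chain, so a saved rules file is worth checking for two things: that the chain was saved, and that something references it. The script below audits files in iptables-save format; the sample files are constructed, and the "-A INPUT -j whitelist" jump rule and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a rules file in iptables-save format, the format
# `service iptables save` writes to /etc/sysconfig/iptables on Red Hat.

# chain_saved FILE CHAIN: succeeds if FILE declares user-defined CHAIN.
chain_saved() { grep -q "^:$2 - " "$1"; }

# chain_jump_count FILE CHAIN: prints how many rules jump (-j/-g) to CHAIN.
chain_jump_count() {
    awk -v c="$2" '
        /^-A / { for (i = 3; i < NF; i++)
                     if (($i == "-j" || $i == "-g") && $(i + 1) == c) n++ }
        END    { print n + 0 }' "$1"
}

# audit_chain FILE CHAIN: prints not-saved, unreferenced, or ok.
audit_chain() {
    if ! chain_saved "$1" "$2"; then echo "not-saved"; return 0; fi
    if [ "$(chain_jump_count "$1" "$2")" -eq 0 ]; then
        echo "unreferenced"; return 0
    fi
    echo "ok"
}

# Constructed sample files (not taken from a real host).
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
HEAD='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]'
CHAIN=':whitelist - [0:0]'
RULES='-A whitelist -s 204.93.177.0/24 -j ACCEPT
-A whitelist -s 199.27.128.0/21 -j ACCEPT'
# 1. Rules were never saved: the chain is absent after a restart.
printf '%s\nCOMMIT\n' "$HEAD" > "$SAMPLE_DIR/unsaved.rules"
# 2. Saved, but nothing jumps to the chain ("0 references" in iptables -L).
printf '%s\n%s\n%s\nCOMMIT\n' "$HEAD" "$CHAIN" "$RULES" > "$SAMPLE_DIR/unref.rules"
# 3. Saved, with a jump from INPUT (the jump rule is an assumption).
printf '%s\n%s\n-A INPUT -j whitelist\n%s\nCOMMIT\n' "$HEAD" "$CHAIN" "$RULES" \
    > "$SAMPLE_DIR/ok.rules"

for f in unsaved unref ok; do
    printf '%s: %s\n' "$f" "$(audit_chain "$SAMPLE_DIR/$f.rules" whitelist)"
done
```

On a Red Hat system, the same check can be pointed at /etc/sysconfig/iptables after running service iptables save.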