3

I want to make an iptable rule permanent so if the server is rebooted I won't have to add the rule again.

Specifically a rule I have related to nginx being reverse proxy of apache.

iptables -t nat -A PREROUTING -p tcp -s ! 266.266.266.266 --dport 80 -j REDIRECT --to-ports 85

I tried iptables-save but either I didn't use the correct files or it doesn't work for me.

Note that I use directadmin control panel for the server as well as http://configserver.com/cp/csf.html

So there is a possibility those interfere, since the rules were not there even though there wasn't any server reboot several times.

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
diav
  • 33
  • 1
  • 3

2 Answers2

9

You can use the service iptables save command.

Kenny Rasschaert
  • 8,925
  • 3
  • 41
  • 58
6

You can run /etc/init.d/iptables save.

This will write out the file /etc/sysconfig/iptables. Look at that file to verify that the contents has the rules that you want (it won't be in same format as iptables run from the command line, but you should be able to get the gist of it).

Make sure that iptables is set to run on reboot. Run chkconfig --list iptables to see if it's "on" for startup. If not, run chkconfig iptables on, and the run chkconfig --list iptables. You should see "on" in runlevels 2, 3, 4, 5.

cjc
  • 24,533
  • 2
  • 49
  • 69