15

I have a Red Hat server (Red Hat Enterprise Linux Server release 7.2 (Maipo)) that resets iptables rules on re/boot.

According to the version 6 documentation, I execute:

```
/sbin/service iptables save
```

which returns:

```
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
```

If I understand the message correctly, I attempted the following:

```
sudo systemctl iptables save
```

which returns:

```
Unknown operation 'iptables'.
```

I cannot locate the version 7 documentation on saving iptables specifically, but previous versions support the same command.

What command should I run to save iptables config?

For reference:

firewalld status:

```
systemctl status firewalld
firewalld.service
   Loaded: not-found (Reason: No such file or directory)
   Active: inactive (dead)
```
Roy Hinkley

2 Answers

22

You should install the iptables-services package.

Then `service iptables save` will work. These commands will work too:

```
# iptables-save > /etc/sysconfig/iptables
# ip6tables-save > /etc/sysconfig/ip6tables
```

AFAIK, systemctl doesn't have any option to save iptables-services' configuration.

Note: systemctl syntax is as follows: `systemctl <operation> <unit>`

aesnak
  • By the way, I do not recommend the above ways if the rule changes are permanent. I choose to keep comments about rules in the `/etc/sysconfig/iptables` file, which system administrators should do in order to provide information for future administrators or just as a reminder. If you save the configuration with the above commands, the comments will be lost. Simply use a text editor to edit the file and reload the service with systemctl. – aesnak Sep 06 '16 at 14:48
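The comment above notes that saving over `/etc/sysconfig/iptables` discards hand-written comments. The following is an added example, not code from either answer: it overwrites the saved file only when the rules themselves differ from a dump, and keeps the commented original as a backup. The function names (`normalize_rules`, `rules_differ`, `save_rules`) and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# Drop what differs between dumps without changing policy:
# '#' comment lines, blank lines, and counters such as [12:840].
normalize_rules() {
    sed -e '/^[[:space:]]*#/d' -e '/^[[:space:]]*$/d' \
        -e 's/\[[0-9][0-9]*:[0-9][0-9]*]/[0:0]/g'
}

# rules_differ SAVED DUMP: exit 0 if the rule text differs, 1 if it matches.
rules_differ() {
    [ "$(normalize_rules < "$1")" != "$(normalize_rules < "$2")" ]
}

# save_rules SAVED DUMP: prints "unchanged" or "updated".
# On update, the old file (with its comments) is kept as SAVED.bak.
save_rules() {
    if rules_differ "$1" "$2"; then
        cp -p "$1" "$1.bak" && cp "$2" "$1" && echo updated
    else
        echo unchanged
    fi
}

# Constructed sample: a hand-commented saved file and a live dump.
demo_dir=$(mktemp -d)
cat > "$demo_dir/saved" <<'EOF'
# Managed by hand; ask ops before changing SSH access
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# SSH from anywhere
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
cat > "$demo_dir/dump" <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [12:840]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [57:4312]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
# Completed (constructed sample)
EOF
save_rules "$demo_dir/saved" "$demo_dir/dump"   # prints "unchanged"
# Real use, as root: iptables-save > DUMP; save_rules /etc/sysconfig/iptables DUMP
```

The comparison is textual, so a hand-written rule that `iptables-save` prints in a different option order is reported as a difference; treat "updated" as a prompt to review the backup and carry the comments over.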
1

Here is a link to the Security Guide for Red Hat 7: using_firewalls

I use

```
# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.4 (Maipo)
```

And status of firewalld service:

```
# systemctl status firewalld
Active: active (running) since Fri 2018-04-13 10:00:18 CEST; 31min ago
```

So I think, you could also enable firewalld service:

```
systemctl start firewalld
systemctl enable firewalld
```

And change rules via firewall-config

  1. Press Super
  2. Type firewall
  3. Select Permanent in the drop-down menu
  4. Put in the necessary settings
Yuriy Vasylenko