Re: iptables config resets after restarting system

To: debian-user@lists.debian.org
Subject: Re: iptables config resets after restarting system
From: Pascal Hambourg <pascal@plouf.fr.eu.org>
Date: Sun, 12 Aug 2018 09:35:46 +0200
Message-id: <[🔎] 4c301aa3-7f41-4b53-2967-7d79dcadc927@plouf.fr.eu.org>
In-reply-to: <[🔎] f3232401-45f7-99a0-8ce6-afeabf112f0c@mail.com>
References: <[🔎] f3232401-45f7-99a0-8ce6-afeabf112f0c@mail.com>

Le 10/08/2018 à 22:29, Hubert Hauser a écrit :


echo " * allowing ping responses"
${IPTABLES} -A INPUT -p ICMP -j ACCEPT

${IP6TABLES} -A INPUT -p ICMPv6 -j ACCEPT

Replies to unicast echo requests have the ESTABLISHED state. So youdon't need an extra rule to accept them, unless you are sending echorequests to broadcast or anycast addresses.

Besides, theses rules accept not accept echo-reply but also ANY ICMP orICMPv6 type, including echo-request.

echo -e " * SAVING RULES\n"

iptables-save > /etc/iptables/rules.v4
iptables-apply /etc/iptables/rules.v4

ip6tables-save > /etc/iptables/rules.v6
ip6tables-apply /etc/iptables/rules.v6

echo -e "\n * DONE!\n"

Here's my iptables config before restarting system:


(...)

And after restarting system:


(a few differences)

Running command fwall-rules after restarting system works. What am I
doing wrong?


How do yo restore the ruleset at startup ?
Are you using the same file ?

Reply to:

References:
- iptables config resets after restarting system
  - From: Hubert Hauser <hubot@mail.com>

Prev by Date: Re: Problems with kernel 4.17.0-1-amd64
Next by Date: Re: Problems with kernel 4.17.0-1-amd64
Previous by thread: Re: iptables config resets after restarting system
Next by thread: New su behavior in util-linux 2.32
Index(es):
- Date
- Thread