Normally, the defined rules are set to sustain until the next reboot. If working with complex and multiple rules, you may need to save them. If you have no idea how to go about this, the Linux iptables-save command does the job. This guide covers a practical usage of the command.
Working with Iptables Rules
To filter the network traffic, one must clearly define the iptables rules. The defined rules get stored in the system memory. Therefore, the rules are not persistent. And when the system reboots, you must define your rules again. Working with few rules is practical. But how about when you have multiple common rules? The solution is to save them, and there is a way you can do it.
1. Viewing Available Rules
If you are unsure of the rules that you already set, you can always list them. The iptables command offers a few options for listing the rules. Use the following command to list the rules in line numbers:
We currently have no firewall rule set for this example, but we will add them later. Your output should display the set rules.
Let’s create a new rule.
2. Adding Iptables Rules
The iptables allow the defining of the firewall rules for your network. For our example, we will create a rule to block all the connections from a specific IP address. Our target IP is 18.104.22.168, and we will block its connections using the following rule:
Go ahead and list the available rules. In this case, we will see our new rule added.
However, the rule will be lost if we reboot the system and check the same iptables rules. To avoid clearing the rules each time the system reboots, we should save the files after adding them.
3. Saving Iptables Rules
The command to save the firewall rules is iptables-save. By using it, you can specify the file to save and access it later.
To save the rules without specifying a file, run the command shown in the following image:
The bad side with this method is that you can’t restore the rules from a file.
To save the file on a file, for instance, in a file named rules.v4, the command will be:
Remember, you must be the root before you execute the command.
Now, let’s reboot the system and open our iptables to confirm if there are any rules defined.
From the output, no rules are currently set. However, unlike where we had to create the rules again, we can now restore the saved rules from the file.
4. Restoring Iptables Rules
The process of restoring the rules is easy. You only need to specify the path to the file like in the following command:
Once restored, you can open the iptables to see the available rules.
That’s it! We have our previously created rules restored to use for the session. All you need to use the same rules in the future is to restore them from the file. Besides, you can also update them depending on your need.
You no longer need to get frustrated in losing your firewall rules after a reboot. We’ve covered how you can use the iptables-save Linux command which lets you save your rules and restore them from the file whenever necessary.