*THIS DID NOT WORK FOR US WHEN WE UPGRADED TO 8.04, Caused an error on startup and took forever to boot. We ended up using firestarter instead of iptables on 8.04* You are able to simply type “iptables-save” however the network manager apparently can interfere with this so run some tests perhaps before you trust it.
Write your IPTABLES rules
Save the current rules to a file
sudo sh -c “iptables-save > /etc/iptables.rules”
Add the restore command to the interface device that you are trying to lockdown eg eth0 (add this at the end of the eth0 section)
pre-up iptables-restore < /etc/iptables.rules
Add the post down command to the end of the network lines
post-down iptables-restore < /etc/iptables.rules
Reboot and type sudo iptables –list to see if the rules have taken
[...] Ensure that the firewall (iptables) rules are present even after reboots an/or interface cycling see this link [...]
Pingback by Steps to consider (Post creation of Ubuntu Linux server) « RUBRIC Tech Team — January 7, 2008 @ 12:34 am |