1

I've tried to open port 8605 on my server (used for socket connections) using:

iptables -I INPUT 2 -s 0/0 -p tcp --dport 8605 -j ACCEPT

However, the change is not persisting; the port closes itself once a day (I assume something is being regularly reloaded).

How can I make my change persist?

EDIT

Despite saving it, the change does not persist; each day it needs to be corrected.

Crontab does not seem to have any obvious changes, and the server is not restarting. Any ideas?

EDIT

I found out that iptables was running under APF (Advanced Policy Firewall), so I needed to update the rules in there.

Nick
  • Kind thanks to all the answers, I have performed a save and will update if this doesn't resolve the problem. – Nick Oct 13 '09 at 14:23

3 Answers

8

If your system is Fedora-derived, add the rule in /etc/sysconfig/iptables.

If you have already added your rule you should simply do a service iptables save.

You can always do
- service iptables save
- edit /etc/sysconfig/iptables as you need
- service iptables restart

drAlberT
1

You should mention if you are using a Red Hat or a Debian-based system. With Red Hat / CentOS, the service iptables save command should work.

Kyle Brandt
1

When you call iptables, you're changing the rules that are running, but that information isn't stored anywhere to be re-applied. To do that, you want to execute iptables statements on load. If you're not rebooting your server every day, I don't know what's resetting iptables, but there are lots of packages to help you by being useful front-ends. Ubuntu has ufw, RH/Fedora-based distros have system-config-securitylevel, and there are dozens of others. These typically apply the change and persist it to a script for when things are next reloaded.

T.J. Crowder
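
The gap the answers describe, a rule present in the running ruleset but missing from the saved one, can be checked mechanically. The following is an added example, not part of any post above: it classifies a TCP port by comparing two files in iptables-save format. The function names and sample rules are constructed for illustration, and only plain single-port `--dport` rules are matched.

```shell
#!/bin/sh
# Inputs are files in iptables-save format, for example:
#   iptables-save > running.rules
#   cp /etc/sysconfig/iptables saved.rules   (or whatever your firewall front-end loads)

# has_accept FILE PORT: exit 0 if FILE has an INPUT rule accepting tcp/PORT
has_accept() {
    grep -Eq -- "^-A INPUT( .*)? -p tcp( .*)? --dport $2( .*)? -j ACCEPT( |\$)" "$1"
}

# persistence_state RUNNING SAVED PORT: prints
#   persisted | runtime-only | saved-only | absent
persistence_state() {
    if has_accept "$1" "$3"; then r=1; else r=0; fi
    if has_accept "$2" "$3"; then s=1; else s=0; fi
    case "$r$s" in
        11) echo persisted ;;
        10) echo runtime-only ;;   # will vanish at the next reload
        01) echo saved-only ;;     # will appear at the next reload
        *)  echo absent ;;
    esac
}

# Constructed sample data (not taken from a real host)
demo_dir=$(mktemp -d)
cat > "$demo_dir/running.rules" <<'EOF'
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8605 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
cat > "$demo_dir/saved.rules" <<'EOF'
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF

for port in 8605 22 443; do
    state=$(persistence_state "$demo_dir/running.rules" "$demo_dir/saved.rules" "$port")
    echo "tcp/$port: $state"
done
```

A `runtime-only` result for a port is the situation in the question: the rule was inserted with `iptables -I` but is not in the ruleset that gets reloaded.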