
I have a RHEL7 environment isolated from Internet in a DMZ network.

By default, only iptables is installed; neither iptables-service nor firewalld is installed, and they CANNOT be installed from the Internet. So none of these commands are effective:

(sudo) service iptables stop
(sudo) service firewalld stop

I'm able to use iptables -A to append rules, which are erased after every reboot. I'm looking for a way to make RHEL NOT erase them after every reboot. But there seems to be no way to do so without using iptables-service or firewalld. Could you instruct me how to achieve this without Internet access?

tribbloid

2 Answers

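# Save the rules currently loaded in the kernel
iptables-save > /etc/iptables.save
# Append (>>) so the existing #!/bin/bash line in rc.local is kept
echo "iptables-restore < /etc/iptables.save" >> /etc/rc.d/rc.local
chmod u+x /etc/rc.d/rc.local
systemctl start rc-local
systemctl enable rc-local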
Anubioz

Before reboot:

iptables-save > /etc/iptables.save

After reboot:

iptables-restore < /etc/iptables.save
Ipor Sircer
  • That should work manually, thanks a lot! But is there a startup save from which RHEL iptables will automatically load on rebooting? – tribbloid Oct 18 '16 at 22:45
  • Sure, just use the rc-local service https://www.certdepot.net/rhel7-rc-local-service/ – Anubioz Oct 18 '16 at 23:18
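
A hardened variant of the save-and-restore-from-rc.local approach in the answers, as an added example that is not part of the original posts. iptables-restore applies a table only when it reaches that table's COMMIT line, so the script rejects a truncated save file before installing it, and it adds the restore line to rc.local only once while keeping the shebang. The function names and the temporary-file handling are assumptions of this example.

```shell
#!/bin/bash
# Added example: persist iptables rules via rc.local with basic safety checks.
# Function names and default paths below are choices made for this example.

# Return 0 only if FILE has at least one "*table" section and every
# section is closed by COMMIT (a truncated save fails this check).
rules_file_complete() {
    awk '
        /^\*/      { if (sect) bad = 1; sect = 1; tables++ }
        /^COMMIT$/ { if (!sect) bad = 1; sect = 0 }
        END        { exit (bad || sect || tables == 0) }
    ' "$1"
}

# Append LINE to rc.local FILE once; create FILE with a shebang if it is
# missing, and make it executable so rc-local.service will run it.
ensure_rc_local_line() {
    local file="$1" line="$2"
    [ -e "$file" ] || printf '#!/bin/bash\n' > "$file"
    grep -qxF -- "$line" "$file" || printf '%s\n' "$line" >> "$file"
    chmod u+x "$file"
}

# Save the live ruleset to DEST atomically: dump to a temp file, validate,
# restrict permissions, then rename over DEST.
save_rules() {
    local dest="$1" tmp
    tmp=$(mktemp "${dest}.XXXXXX") || return 1
    if iptables-save > "$tmp" && rules_file_complete "$tmp"; then
        chmod 600 "$tmp" && mv -f "$tmp" "$dest"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Run as root: persist_rules [SAVE_FILE] [RC_LOCAL]
persist_rules() {
    local dest="${1:-/etc/iptables.save}" rc="${2:-/etc/rc.d/rc.local}"
    save_rules "$dest" || { echo "rules not saved" >&2; return 1; }
    ensure_rc_local_line "$rc" "iptables-restore < $dest"
}
```

Source the file and call persist_rules as root after changing rules; re-running it refreshes the saved file without duplicating the rc.local entry.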