1

I was trying to save iptable configuration and someone suggested me iptables-save which wasn't convencing for me. I logged in and tried /etc/init.d/iptables save and service command, none worked and didn't find any online reference.

-bash-4.2# iptables --version   
iptables v1.4.19.1
-bash-4.2# 

 -bash-4.2# uname  -a
Linux server 2.6.32-042stab120.6 #1 SMP Thu Oct 27 16:59:03 MSK 2016 x86_64 x86_64 x86_64 GNU/Linux
-bash-4.2#

-bash-4.2# cat /etc/SuSE-brand 
BasedOnopenSUSE
VERSION = 13.1
-bash-4.2#

EDIT: Error message I am getting when tried /etc/init.d/iptables save and service iptables save

 server:~ # /etc/init.d/iptables save; cat /etc/os-release | grep VER
    -bash: /etc/init.d/iptables: No such file or directory
    VERSION="13.1 (Bottle)"
    VERSION_ID="13.1"
server:~ # service iptables save
service: no such service iptables
server:~ #

What is the command in suse to reload iptables configuration in openSUSE?

prado
  • 181
  • 1
  • 2
  • 14

2 Answers2

5

in openSUSE the iptables are not designed to be manipulated directly. There is no way to store the current state in a way you can reload it later.

The firewall settings are stored in /etc/sysconfig/SuSEfirewall2. You can either edit this file directly or use YaST to configure it. After changing the file you have to run /sbin/SuSEfirewall2 or service SuSEfirewall2 start to load the changes.

See the documentation for details on the configuration:

Gerald Schneider
  • 23,274
  • 8
  • 57
  • 89
0

I don't know about SuSE but on CentOS the service iptables save command uses iptables-save to (eventually) write the filrewall state to /etc/sysconfig/iptables. You may want to load the script into your favourite text editor - it's generally quite readable.

When you run service iptables start, firewall stare is loaded from /etc/sysconfig/iptables.

If you want to reload the firewall state then try service iptables reload or even service iptables restart

user9517
  • 115,471
  • 20
  • 215
  • 297
  • I need answer specifically for suse – prado Jan 25 '17 at 07:50
  • Go and read the script then, you'll likely find that at most the destination file is different. – user9517 Jan 25 '17 at 07:53
  • @istheEnglishway while this is true for most distributions, it is different with SuSE. See for yourself: https://github.com/openSUSE/susefirewall2/blob/master/SuSEfirewall2 – Gerald Schneider Jan 25 '17 at 07:58
  • @GeraldSchneider so in that case the op should be getting an error message when running `/etc/init.d/iptables save` that they are not discolsing. – user9517 Jan 25 '17 at 08:05
  • @GeraldSchneider See, now it all becomes clear ... cluelessness rules. – user9517 Jan 25 '17 at 08:16
  • @istheEnglishway I edited the question for you. – prado Jan 25 '17 at 08:16
  • @prado No, no, you edited the question for yourself! If you don't provide all of the relevant information, how can you expect to get a good answer ? – user9517 Jan 25 '17 at 08:18
  • @istheEnglishway In the topic itself I mentioned the question is related to openSUSE(my mistake I didn't mention the error at first) and I am not sure what more information you gained from that error message. – prado Jan 25 '17 at 08:23
  • What I gained was that I was mistaken in trying to help you. LInux commands are generally quite regular. There may be minor differences but in general they port well. So if `service iptables save` had actually worked on your system then in general it would have created a file somewhere that contained the state. Similarly I would expect `service iptables start`/`reload` to reload that file. Anyway - you're now on my clueless list so I won't be bothering to waste any more of my life trying to help you. – user9517 Jan 25 '17 at 08:31