<table cellspacing="0" cellpadding="0" border="0" ><tr><td valign="top" style="font: inherit;">Hi,<div><br></div><div>I changed the iptables on my CentOS install but after rebooting the iptables are not set properly. Looking at /etc/sysconfig/iptables, it seems that they were saved properly. Do I need to change a setting somewhere to get them restored after a reboot?</div><div><br></div><div>Thanks</div><div><br></div><div>Fred</div><div><br></div><div><div>$ sudo cat /etc/sysconfig/iptables</div><div># Generated by iptables-save v1.4.7 on Mon Oct 18 08:43:55 2010</div><div>*nat</div><div>:PREROUTING ACCEPT [109:6588]</div><div>:OUTPUT ACCEPT [124:9172]</div><div>:POSTROUTING ACCEPT [124:9172]</div><div>-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080</div><div>-A OUTPUT -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080</div><div>COMMIT</div><div># Completed on Mon Oct 18 08:43:55
2010</div></div><div><br></div><div>-----------------------------------------------------</div><div><div>sudo cat /etc/sysconfig/iptables-config</div><div># Load additional iptables modules (nat helpers)</div><div># Default: -none-</div><div># Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which</div><div># are loaded after the firewall rules are applied. Options for the helpers are</div><div># stored in /etc/modprobe.conf.</div><div>IPTABLES_MODULES=""</div><div><br></div><div># Unload modules on restart and stop</div><div># Value: yes|no, default: yes</div><div># This option has to be 'yes' to get to a sane state for a firewall</div><div># restart or stop. Only set to 'no' if there are problems unloading netfilter</div><div># modules.</div><div>IPTABLES_MODULES_UNLOAD="yes"</div><div><br></div><div># Save current firewall rules on stop.</div><div># Value: yes|no, default: no</div><div># Saves all
firewall rules to /etc/sysconfig/iptables if firewall gets stopped</div><div># (e.g. on system shutdown).</div><div>IPTABLES_SAVE_ON_STOP="no"</div><div><br></div><div># Save current firewall rules on restart.</div><div># Value: yes|no, default: no</div><div># Saves all firewall rules to /etc/sysconfig/iptables if firewall gets</div><div># restarted.</div><div>IPTABLES_SAVE_ON_RESTART="no"</div><div><br></div><div># Save (and restore) rule and chain counter.</div><div># Value: yes|no, default: no</div><div># Save counters for rules and chains to /etc/sysconfig/iptables if</div><div># 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or</div><div># SAVE_ON_RESTART is enabled.</div><div>IPTABLES_SAVE_COUNTER="no"</div><div><br></div><div># Numeric status output</div><div># Value: yes|no, default: yes</div><div># Print IP addresses and port numbers in numeric format in the status
output.</div><div>IPTABLES_STATUS_NUMERIC="yes"</div><div><br></div><div># Verbose status output</div><div># Value: yes|no, default: yes</div><div># Print info about the number of packets and bytes plus the "input-" and</div><div># "outputdevice" in the status output.</div><div>IPTABLES_STATUS_VERBOSE="no"</div><div><br></div><div># Status output with numbered lines</div><div># Value: yes|no, default: yes</div><div># Print a counter/number for every rule in the status output.</div><div>IPTABLES_STATUS_LINENUMBERS="yes"</div></div><div><br></div></td></tr></table>