I'm trying to redirect HTTP traffic to port 8080 on the same machine and have the iptables rules below working.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 8080
I'm trying to figure out how to make this change permanent in case of a reboot of the system.
I'm using Ubuntu 11.10 server.
That is because iptables rules, by default, will not persist after a reboot. After configuring your system's iptables rules, there is one more important step that you must do in order to make sure the rules are still there after a reboot.
You need to use the iptables-save command. It is used to dump the contents of an IP table in an easily parseable format to the screen. Using the I/O redirection provided by your shell, you can save iptables firewall rules to a text file. To restore iptables rules, use the iptables-restore command.
Ubuntu (and Debian) offer the package iptables-persistent (Debian: http://packages.debian.org/wheezy/iptables-persistent, Ubuntu: http://packages.ubuntu.com/saucy/iptables-persistent), which does exactly what you want. As root, or via sudo:
apt-get install iptables-persistent
iptables-save > /etc/iptables/rules.v4
If you're working with ip6tables, you'll want to also ip6tables-save > /etc/iptables/rules.v6.
You must save the tables again (iptables-save > /etc/iptables/rules.v4, ip6tables-save > /etc/iptables/rules.v6) after any change you make.
On older versions (before iptables-0.5, and before Debian Wheezy) you will need to write to a different file:
iptables-save > /etc/iptables/rules
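The "save the tables again after any change" rule above can be checked mechanically. The following is an added example, not part of the original answers: it compares a saved dump with the running rules and confirms the port 80 to 8080 redirects are in the file. The function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect drift between the running rules and the saved file.
# Assumes both dumps list their tables in the same order.

# normalize FILE: drop what differs between two dumps of one ruleset:
# "#" comment lines (they carry timestamps), blanks, [packets:bytes] counters.
normalize() {
    sed -e '/^#/d' -e '/^[[:space:]]*$/d' \
        -e 's/^\[[0-9]*:[0-9]*\] //' \
        -e 's/ \[[0-9]*:[0-9]*\]$/ [0:0]/' "$1"
}

# rules_in_sync SAVED RUNNING: 0 if both dumps hold the same rules, 1 if not.
rules_in_sync() {
    a=$(normalize "$1") && b=$(normalize "$2") || return 2
    [ "$a" = "$b" ]
}

# has_redirect FILE CHAIN: 0 if FILE's nat table redirects tcp/80 to 8080 in CHAIN.
has_redirect() {
    normalize "$1" | awk -v chain="$2" '
        /^\*/ { table = substr($0, 2) }
        table == "nat" && $1 == "-A" && $2 == chain && /--dport 80( |$)/ &&
            /-j REDIRECT/ && /--to-ports 8080( |$)/ { found = 1 }
        END { exit !found }'
}

# check_live [SAVED]: compare the kernel's current rules with SAVED (needs root).
check_live() {
    saved=${1:-/etc/iptables/rules.v4}
    tmp=$(mktemp) || return 2
    rc=0
    { iptables-save > "$tmp" && rules_in_sync "$saved" "$tmp"; } || rc=$?
    rm -f "$tmp"
    [ "$rc" -eq 0 ] || echo "running rules differ from $saved; save them again" >&2
    return "$rc"
}

# sample_dump PKTS: print a constructed dump (not captured from a real host).
sample_dump() {
    cat <<EOF
# Generated by iptables-save (constructed sample)
*nat
:PREROUTING ACCEPT [$1:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
EOF
}
```

On a real host, run check_live as root after editing rules; a non-zero status means the file that will be restored at boot no longer matches what the kernel is enforcing.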
One way to do this would be:
vim /etc/network/interfaces
Append the below line along with your lo directives:
post-up /sbin/iptables-restore < /etc/iptables-up.rules
Now run the below command:
iptables-save > /etc/iptables-up.rules
I hope this helps.