IPtables reset on reboot, how do I tell what is causing this

Solution 1

Stopping iptables from starting during bootup using chkconfig would normally solve your problem; however, since you mentioned that you had some "Cyber Security" people work on your server, it's possible that iptables is configured to start using a non-standard method. Adding commands to the file /etc/rc.local is one such method. Any commands in the file are executed during bootup, so it's possible the iptables commands are in there. You can try searching through all of your system's initialization scripts for iptables commands using:

$ sudo grep -r iptables /etc/rc*

or even one level higher

$ sudo grep -r iptables /etc*

If you can't find where the ruleset is being loaded from, you can look at the system's default ruleset /etc/sysconfig/iptables and compare it to the loaded rules using:

$ sudo iptables -vnL

If the rules in the file are the rules that are loaded upon reboot, then configure your ruleset how you want it and overwrite the file using iptables-save.

as root:
# iptables-save > /etc/sysconfig/iptables

That won't completely solve your problem but it will give you more control in the meantime.
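As an added example (not part of the answer above), the two checks it describes can be scripted so they are repeatable: search a directory tree for files that invoke iptables/ip6tables, and compare the saved ruleset file with a dump of the loaded rules while ignoring packet counters and comments. The script builds a constructed sample tree under a temporary directory (the rc.local and init.d contents, the path /root/hardening/rules.v4 and the running.rules dump are all made up for the demo); on a real host you would point the functions at /etc and at the output of `iptables-save`.

```shell
#!/bin/sh
# Added example for the answer above (not the answerer's script).
# Sample files below are constructed so the script runs offline.

# Print "file:line:text" for every iptables/ip6tables invocation under a dir.
# This finds direct calls only; a wrapper script with another name would be
# missed, so also inspect whatever rc.local and cron entries actually run.
find_iptables_refs() {
    grep -rnE 'ip6?tables' "$1" 2>/dev/null
}

# Normalise an iptables-save style file: drop comments, [pkts:bytes] counters,
# trailing whitespace and blank lines, then sort so only the rules matter.
normalize_rules() {
    sed -e 's/^#.*$//' -e 's/\[[0-9]*:[0-9]*\]//' -e 's/[[:space:]]*$//' "$1" \
        | grep -v '^$' | sort
}

# Exit status 0 when the two rulesets differ, 1 when they are equivalent.
rules_differ() {
    a=$(normalize_rules "$1")
    b=$(normalize_rules "$2")
    [ "$a" != "$b" ]
}

# --- constructed sample tree standing in for /etc on the rebooted box ---
DEMO=$(mktemp -d)
trap 'rm -rf "$DEMO"' EXIT
mkdir -p "$DEMO/etc/rc.d/init.d" "$DEMO/etc/sysconfig"

cat > "$DEMO/etc/rc.d/rc.local" <<'EOF'
#!/bin/sh
touch /var/lock/subsys/local
/sbin/iptables-restore < /root/hardening/rules.v4
EOF

cat > "$DEMO/etc/rc.d/init.d/firewall-hardening" <<'EOF'
#!/bin/sh
# constructed leftover init script
iptables -P INPUT DROP
EOF

# The "saved" ruleset, i.e. what the asker wrote with iptables-save: no rules.
cat > "$DEMO/etc/sysconfig/iptables" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF

# Constructed stand-in for `iptables-save` run after the reboot.
cat > "$DEMO/running.rules" <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [12:960]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [30:2400]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF

echo "== files under $DEMO/etc that invoke iptables =="
find_iptables_refs "$DEMO/etc"

if rules_differ "$DEMO/etc/sysconfig/iptables" "$DEMO/running.rules"; then
    echo "loaded rules differ from the saved file: something else loads rules at boot"
else
    echo "loaded rules match the saved file"
fi
```

On a real system the equivalent calls are `find_iptables_refs /etc` and `iptables-save > /tmp/running.rules` followed by `rules_differ /etc/sysconfig/iptables /tmp/running.rules`; a "differ" result with an empty saved file is exactly the symptom described in the comments below, and the grep hits tell you which startup file to look at.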

Solution 2

I would look at your startup scripts, most likely /etc/rc.d/rc.local, and find out where the iptables startup rules are coming from.

To flush rules from all filter chains, you can do iptables -t filter -F.


Updated on September 18, 2022

Comments

  • trueCamelType
    trueCamelType over 1 year

    Using RHEL, and I have had some "Cyber Security" people work on my server. I'm now using this server in a completely closed environment with no outward network connection, and would like my iptables set to completely off. I have used these commands:

    chkconfig iptables off
    service iptables save
    service iptables stop
    
    chkconfig ip6tables off
    service ip6tables save
    service ip6tables stop
    

    The Issue

    Every time I restart the server the iptables are back on their incredibly restrictive settings. Am I not doing something correctly, or do they have a script that could be running and resetting the iptables settings? If there is a script, how could I figure out where this is coming from to disable it?

    • trueCamelType
      trueCamelType almost 10 years
      Thank you, that has temporarily fixed the problem, and I'll continue looking for the script that is causing the problem (I've already checked the cron jobs.)
  • trueCamelType
    trueCamelType almost 10 years
    I set the rules as I wanted them, which is essentially no rules, and then ran the iptables-save > /etc/sysconfig/iptables, and it blanked out that file (which seems ok, but I'm not sure). When I restarted the system, the iptables rules are now back the way I don't want them, and the iptables file in /etc/sysconfig is still empty. Does that seem odd?
  • Chad K
    Chad K almost 10 years
    @Slimmons The ruleset can be saved anywhere, /etc/sysconfig/iptables is just the default location. You might be able to override what's being loaded automatically. If you save a ruleset and load it using /etc/rc.local that could work. You might also want to see if any firewall software was recently installed that you could have overlooked.