IPtables reset on reboot, how do I tell what is causing this
Solution 1
Stopping iptables from starting during bootup using chkconfig would normally solve your problem; however, since you mentioned that you had some "Cyber Security" people work on your server, it's possible that iptables is configured to start using a non-standard method. Adding commands to the file /etc/rc.local is one such method. Any commands in the file are executed during bootup, so it's possible the iptables commands are in there. You can try searching through all of your system's initialization scripts for iptables commands using:
$ sudo grep -r iptables /etc/rc*
or even one level higher
$ sudo grep -r iptables /etc*
If you can't find where the ruleset is being loaded from, you can look at the system's default ruleset /etc/sysconfig/iptables and compare it to the loaded rules using:
$ sudo iptables -vnL
If the rules in the file are the rules that are loaded upon reboot, then configure your ruleset how you want it and overwrite the file using iptables-save as root:
# iptables-save > /etc/sysconfig/iptables
That won't completely solve your problem but it will give you more control in the meantime.
Solution 2
I would look at your startup scripts, most likely /etc/rc.d/rc.local, and find out where the iptables startup rules are coming from.
To flush rules from all filter chains, you can do iptables -t filter -F.
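Both answers boil down to the same two checks: find which boot-time file keeps re-applying the rules, and compare the saved ruleset with what is actually running. The script below is an added example that does both; it is not code from either answer. The scan locations (rc.local, rc.d, init.d, cron*) and the --scan flag are my own choices for a RHEL SysV-style host, and iptables-save needs root.

```bash
#!/bin/bash
# Added example (not code from either answer): find where a ruleset is being
# re-applied at boot, then compare the saved ruleset with the live one.
# The scan locations are an assumption based on a RHEL SysV-style box.

# Print every file under the usual boot-time hooks that mentions iptables or
# ip6tables. $1 is an optional root prefix (defaults to /), which lets the
# function run against a copied or test directory tree.
find_iptables_loaders() {
    root="${1:-}"
    for loc in "$root/etc/rc.local" "$root/etc/rc.d" "$root/etc/init.d" \
               "$root"/etc/cron*; do
        [ -e "$loc" ] || continue
        # -l: names only, -I: skip binaries, -E: one pattern for both tools.
        # The iptables service's own init script (rc.d/init.d/iptables) is an
        # expected hit; anything else (rc.local, a cron job, a custom script)
        # is a candidate for what keeps restoring the rules.
        grep -rlIE 'ip6?tables' "$loc" 2>/dev/null
    done | sort -u
}

# Exit 0 if the ruleset in $1 matches what the kernel is running, 1 if not
# (the diff is printed). iptables-save writes '# Generated by' / '# Completed'
# timestamp comments, so comment lines are dropped before comparing.
# $2 is the command that dumps the live rules; leave it at the default
# iptables-save (needs root). A test can pass a fake dumper instead.
diff_saved_vs_running() {
    saved="$1"
    dumper="${2:-iptables-save}"
    tmp=$(mktemp)
    "$dumper" | grep -v '^#' > "$tmp"
    rc=0
    grep -v '^#' "$saved" | diff - "$tmp" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Run as root with --scan to check a live host.
if [ "${1:-}" = "--scan" ]; then
    echo "Files under boot/cron hooks that reference iptables:"
    find_iptables_loaders
    echo "Differences between /etc/sysconfig/iptables and the running rules:"
    diff_saved_vs_running /etc/sysconfig/iptables && echo "(none)"
fi
```

An empty /etc/sysconfig/iptables that still differs from the running rules (the situation in the comments below) shows that the saved file is not what is being loaded, so the loader must be one of the files the scan reports.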
Updated on September 18, 2022
Comments
-
trueCamelType over 1 year
Using RHEL, and I have had some "Cyber Security" people work on my server. I'm now using this server in a completely closed environment with no outward network connection, and would like my iptables set to completely off. I have used these commands:
chkconfig iptables off
service iptables save
service iptables stop
chkconfig ip6tables off
service ip6tables save
service ip6tables stop
The Issue
Every time I restart the server the iptables are back on their incredibly restrictive settings. Am I not doing something correctly, or do they have a script that could be running and resetting the iptables settings? If there is a script, how could I figure out where this is coming from to disable it?
-
trueCamelType almost 10 years
Thank you, that has temporarily fixed the problem, and I'll continue looking for the script that is causing the problem (I've already checked the cron jobs).
-
trueCamelType almost 10 years
I set the rules as I wanted them, which is essentially no rules, and then ran iptables-save > /etc/sysconfig/iptables, and it blanked out that file (which seems ok, but I'm not sure). When I restarted the system, the iptables rules are now back the way I don't want them, and the iptables file in /etc/sysconfig is still empty. Does that seem odd?
-
Chad K almost 10 years
@Slimmons The ruleset can be saved anywhere; /etc/sysconfig/iptables is just the default location. You might be able to override what's being loaded automatically. If you save a ruleset and load it using /etc/rc.local, that could work. You might also want to see if any firewall software was recently installed that you could have overlooked.