IPTables won't start automatically after reboot - Red Hat 7
As per RHEL7/Centos7 there is no iptables service available in the default install. Instead they want you to use firewalld
which is turned on by default. (see man firewall-cmd
for more information on how to operate firewalld )
If you want to use iptables u need to install iptables-services
and enable them with systemctl enable iptables
. You will need to turn off firewalld with systemctl disable firewalld
.
If there isn't a really specific reason to use iptables or chkconfig I would advise you not use them. Instead I would invest in learning how firewalld and systemctl works.
Related videos on Youtube
user2694306
Updated on September 18, 2022Comments
-
user2694306 almost 2 years
In Red Hat 7 I'm trying to force the IP tables service to start automatically after reboot. Currently, after every reboot I need to run the command:
sudo systemctl start iptables
I've tried setting
sudo chkconfig iptables on
but it isn't running.
In my file
/etc/sysconfig/iptables-config
I've setIPTABLES_SAVE_ON_STOP="yes" IPTABLES_SAVE_ON_RESTART="yes"
Can someone let me know how to set this to start on reboot?
-
user9517 about 8 yearsYou need to sit down with the documentation, things have moved on in the RHEL firewall world.
-
David Tonhofer over 6 years
firewall-cmd --zone=public --add-service=http --permanent
andfirewall-cmd --zone=public --add-service=https --permanent
and thenfirewall-cmd --reload
-
-
user2694306 about 8 yearsThat didn't work. I still need to run the command every time that I restart.
-
peterh over 7 yearsWrite more it works and what it does. You could split the command into new lines, instead of this semicolon-separated ultralong line. There is a vote about your answer, if it loses, it will be deleted.
-
David Tonhofer over 6 yearsIndeed, the files
/etc/sysconfig/iptables
(and/etc/sysconfig/ip6tables
) to which should be written by the commands above (though not as given: the commands write to stdout, so you really would have to doiptables-save > /etc/sysconfig/iptables
) are not read on boot. Time forfirewalld
then.