| How To Save And Restore Iptables Rule-sets |
 |
 |
 |
| How To - Iptables | |
| Written by Christian Foronda | |
| Thursday, 03 February 2011 16:53 | |
|
The iptables-save command is, a tool to save the current rule-set into a file that iptables-restore can use. The below command will in save the whole rule-set to a file called /etc/iptables-save with byte and packet counters still intact. # iptables-save -c > /etc/iptables-save
The -c argument tells iptables-save to keep the values specified in the byte and packet counters. This could for example be useful if we would like to reboot our main firewall, but not loose byte and packet counters which we may use for statistical purposes. Issuing a iptables-save command with the -c argument would then make it possible for us to reboot but without breaking our statistical and accounting routines.
The iptables-restore command is used to restore the iptables rule-set that was saved with the iptables-save command. The below command would cat the rule-set located within the /etc/iptables-save file and then pipe it to iptables-restore which takes the rule-set on the standard input and then restores it, # cat /etc/iptables-save | iptables-restore -c
or # iptables-restore -c < /etc/iptables-save
The -c argument restores the byte and packet counters and must be used if you want to restore counters that was previously saved with iptables-save. Reference: Similar articles
|
|
| Last Updated on Thursday, 03 February 2011 18:56 |
