How to backup and restore iptables on CentOS 7 / RHEL 7

In this post we will learn how to back up and restore iptables rules on CentOS 7 and RHEL 7. The steps are the same as in previous CentOS/RHEL versions.

To back up and restore iptables, you should be logged in to the system as the root user.

Step 1 : To take iptables backup

iptables-save > iptables.bak

The iptables rules backup will be stored in a file called iptables.bak, as given in the above command. You can give the backup file any name.

Step 2 : To restore iptables

iptables-restore < iptables.bak

This restores the iptables rules from the backup file, i.e. iptables.bak, which was created in Step 1.

Given below is the step-by-step reference from my system.
With the help of the iptables -nL command, you can list the iptables rules.
iptables -F will flush the iptables rules.

[root@localhost ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
[root@localhost ~]# 
[root@localhost ~]# iptables-save > iptables.bak 
[root@localhost ~]# 
[root@localhost ~]# cat iptables.bak 
# Generated by iptables-save v1.4.21 on Sun Jul 27 06:38:43 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [14313:864296]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Sun Jul 27 06:38:43 2014
[root@localhost ~]# 
[root@localhost ~]# iptables -F
[root@localhost ~]# 
[root@localhost ~]# iptables-restore < iptables.bak 
[root@localhost ~]# 
[root@localhost ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
[root@localhost ~]#
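
Before restoring from a backup file, it helps to confirm that the file is complete and still lets SSH in. The script below is an added example, not part of the original post: it checks the structure of any iptables-save dump, not only the one shown here, and the function names check_dump, dump_accepts_port and sample_dump are hypothetical.

```shell
# Added example (not from the post); all function names are hypothetical.
# check_dump FILE: pass only if there is at least one "*table" block, each
# block ends in COMMIT, and each -A rule names a chain declared in its block.
check_dump() {
    awk '
        function fail(msg) { print FILENAME ":" NR ": " msg; bad = 1; exit 1 }
        /^#/ || /^[ \t]*$/ { next }                # comments, blank lines
        { sub(/^\[[0-9]+:[0-9]+\] /, "") }         # counters from iptables-save -c
        /^\*/ { if (open) fail("table " table " has no COMMIT")
                table = substr($0, 2); open = 1; tables++; split("", chains); next }
        !open { fail("content outside a table block") }
        /^:/  { chains[substr($1, 2)] = 1; next }  # :CHAIN POLICY [pkts:bytes]
        $1 == "COMMIT" { open = 0; next }
        $1 == "-A" { if (!($2 in chains)) fail("undeclared chain " $2); next }
        { fail("unrecognised line") }
        END { if (bad) exit 1
              if (open) fail("table " table " has no COMMIT")
              if (!tables) fail("no table found") }
    ' "$1" >&2
}

# dump_accepts_port FILE PORT: coarse lockout check. True if filter/INPUT has a
# "--dport PORT ... -j ACCEPT" rule; rule order and port ranges are ignored.
dump_accepts_port() {
    awk -v port="$2" '
        /^\*/ { table = substr($0, 2) }
        table == "filter" && $1 == "-A" && $2 == "INPUT" && /-j ACCEPT/ {
            for (i = 3; i < NF; i++) if ($i == "--dport" && $(i + 1) == port) ok = 1 }
        END { exit !ok }
    ' "$1"
}

# The dump from the session above, embedded so the script runs offline.
sample_dump() { cat <<'EOF'
# Generated by iptables-save v1.4.21 on Sun Jul 27 06:38:43 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [14313:864296]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}
f=$(mktemp) && sample_dump > "$f" && check_dump "$f" && dump_accepts_port "$f" 22 \
    && echo "dump is complete and still accepts tcp/22"; rm -f "$f"
```

On the host itself, iptables-restore --test < iptables.bak additionally has iptables parse and build the ruleset without committing it.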
