snipt

Bash

Insert an iptables rule on a specific line number with a comment, and restore all rules after reboot

# First get the iptables list with the line numbers enabled
$ iptables -nL --line-numbers

# Look up the line number you want to use (the existing rule will shift down) and insert your rule
$ iptables -I INPUT {LINE_NUMBER} -i eth1 -p tcp --dport 21 -s 123.123.123.123 -j ACCEPT -m comment --comment "This rule is here for this reason"

# Afterwards I always save my rules to a file in etc so I can reload them at the next reboot
$ iptables-save > /etc/iptables.local

# (To restore them at boot, add the following line to your /etc/rc.local file)
/sbin/iptables-restore < /etc/iptables.local
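
Added example, not part of the original snippet: a way to pick `{LINE_NUMBER}` so the new ACCEPT lands ahead of the first DROP/REJECT rule in the chain, since iptables stops at the first matching rule. The function names `sample_listing` and `first_block_line` are hypothetical, and the listing is constructed sample output, not taken from a real host.

```bash
#!/bin/sh
# Added example: choose the line number to pass to `iptables -I INPUT <n>`.
# Real use (as root): iptables -nL INPUT --line-numbers | first_block_line INPUT

# Constructed sample of `iptables -nL --line-numbers` output.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy DROP)
num  target     prot opt source               destination
1    DROP       all  --  10.0.0.0/8           0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
EOF
}

# first_block_line CHAIN: read a listing on stdin and print the line number of
# the first DROP or REJECT rule in CHAIN. If the chain has no such rule, print
# the position after its last rule (1 for an empty chain), which appends.
first_block_line() {
    awk -v chain="$1" '
        $1 == "Chain" { in_chain = ($2 == chain); next }   # track current chain
        !in_chain || $1 !~ /^[0-9]+$/ { next }             # skip headers, blanks
        { last = $1 }                                      # remember last rule no.
        $2 == "DROP" || $2 == "REJECT" { print $1; found = 1; exit }
        END { if (!found) print last + 1 }
    '
}

# Demo on the constructed listing: the ACCEPT belongs at line 3, which pushes
# the catch-all DROP down to line 4.
sample_listing | first_block_line INPUT   # prints 3
```
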
2019-07-18T08:02:49
firewall, iptables, linux, reboot