0

I would like to load the settings below for iptables on CentOS 7 at OS startup using a bash script.

How can I do this?

#!/bin/bash

iptables -I OUTPUT -d 0.0.0.0/0 -j ACCEPT
iptables -I FORWARD -d 0.0.0.0/0 -j ACCEPT
iptables -I INPUT -d 0.0.0.0/0 -j ACCEPT
iptables -t nat -I PREROUTING -d 0.0.0.0/0 -p tcp --dport 222 -j DNAT --to-destination 10.1.0.9:22

NOTE: I know the default CentOS 7 firewall service is firewall-cmd and I don't want to remove it (use the iptables service instead). I am trying this approach because apparently firewall-cmd does not work for the above settings (see the thread "firewall-cmd - add-forward-port don't work" for more information).

Thanks! =D

1 Answer

1

First you use

iptables-save >/wherever/iptables.save

Then

iptables-restore </wherever/iptables.save

Then you have to know if your Linux is systemd or init

If it's systemd then you can create a fake service to load the file.

You could try

chkconfig iptables on

Then you need to locate and replace the existing iptables saved file.

I would try

find / -iname "iptables.save"

and see if you can find it that way.

See Also https://serverfault.com/a/739465/206895

To be continued....

cybernard
  • 14,924
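
The save/restore steps and the "fake service" idea from the answer above, written out as one script. This is an added example, not code from the original answer or its author; the rules-file path, the unit name and the helper function names are assumptions.

```bash
#!/bin/bash
# Added example. RULES and UNIT are assumed names, not taken from the page.
RULES="${RULES:-/etc/sysconfig/iptables.save}"
UNIT="/etc/systemd/system/iptables-restore-custom.service"

# Print a oneshot unit that loads the saved rules. It is ordered after
# firewalld so that firewalld's own startup does not replace them.
# ExecStart does no shell redirection itself, hence the explicit /bin/sh -c.
render_unit() {
    cat <<EOF
[Unit]
Description=Load saved iptables rules from $1
After=firewalld.service

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/bin/sh -c '/usr/sbin/iptables-restore < $1'

[Install]
WantedBy=multi-user.target
EOF
}

# The file is loaded as root at every boot, so refuse it unless it is a regular
# file (not a symlink) owned by $2 (default root) with no group/other write bit.
rules_file_is_safe() {
    local file="$1" owner="${2:-root}" mode
    [ -f "$file" ] && [ ! -L "$file" ] || return 1
    [ "$(stat -c %U "$file")" = "$owner" ] || return 1
    mode="$(stat -c %a "$file")"
    [ $(( 0$mode & 022 )) -eq 0 ]
}

# Run as root with the argument "install" to save the live rules and enable the unit.
if [ "${1:-}" = "install" ]; then
    set -e
    umask 077
    iptables-save > "$RULES"
    rules_file_is_safe "$RULES"
    iptables-restore --test < "$RULES"   # parse only, nothing is committed
    render_unit "$RULES" > "$UNIT"
    chmod 644 "$UNIT"
    systemctl daemon-reload
    systemctl enable "$(basename "$UNIT")"
fi
```

Run it once as root with the argument `install` while the wanted rules are loaded; on later boots systemd runs the unit. A firewalld reload or restart rebuilds firewalld's rules, so rules loaded this way can be lost until the unit runs again.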