You are not logged in.

#1 2017-09-03 17:59:15

_pheinrich_
Member
Registered: 2014-05-26
Posts: 53

Iptables rules not applied on boot

Hi,

my iptables rules to open my custom ssh port 2200 are not applied during boot.

# Generated by iptables-save v1.6.1 on Sun Sep  3 19:39:58 2017
*filter
:INPUT DROP [24848:7870362]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [3867:7831855]
-A INPUT -m state --state INVALID -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2200 -j ACCEPT
COMMIT

The iptables.service is enabled and seems to be executed successfully. But for some reason the rules are not applied during boot.

Running 'systemctl start iptables' manually is working.

Maybe it has to do with the network-re.target

[Unit]
Description=Packet Filtering Framework
Before=network-pre.target
Wants=network-pre.target

[Service]
Type=oneshot
ExecStart=/usr/bin/iptables-restore /etc/iptables/iptables.rules
ExecReload=/usr/bin/iptables-restore /etc/iptables/iptables.rules
ExecStop=/usr/lib/systemd/scripts/iptables-flush
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

Any ideas?

Offline

#2 2017-09-03 22:05:11

aiBo
Member
Registered: 2010-11-10
Posts: 50

Re: Iptables rules not applied on boot

Could you post the output of "journalctl -b -u iptables"? This might show what went wrong when the u it was started during boot.

Offline

Board footer

Powered by FluxBB