How to use the command 'iptables-save' (with examples)

This article will illustrate the various use cases of the ‘iptables-save’ command. This command is used to save the configuration of the ‘iptables’ firewall for IPv4. It allows users to print the current configuration or specify a table or file for the output. The article will provide step-by-step examples for each use case.

Use case 1: Print the iptables configuration

Code:

sudo iptables-save

Motivation: The motivation for using this example is to check the current configuration of the ‘iptables’ firewall. By printing the configuration, users can verify the rules and settings that are currently in place.

Explanation: The command ‘iptables-save’ is used to print the current configuration of the ‘iptables’ firewall. It does not require any additional arguments.

Example output:

# Generated by iptables-save v1.4.21 on Thu May 20 10:10:10 2021
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [123:456]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT

This output shows a portion of the ‘iptables’ firewall configuration. The configuration consists of a filter table with input, forward, and output chains. It also includes specific rules for accepting incoming TCP connections on ports 22 and 80.
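
The chain header lines in this output (such as ':INPUT ACCEPT [0:0]') carry each built-in chain's default policy. The script below is an added example, not part of the original article: it reads iptables-save output on stdin and reports, for the filter table's INPUT and FORWARD chains, the default policy and whether any rule has a target other than ACCEPT. The function names, verdict labels and the second sample are this example's own assumptions.

```shell
# Added example, not from the article. Reads iptables-save output on stdin and
# reports on the filter table's INPUT and FORWARD chains (names are hypothetical).
audit_policies() {
    awk '
        /^\*/ { table = substr($1, 2); next }        # "*filter" opens a table
        /^:/  {                                      # ":INPUT ACCEPT [0:0]"
            key = table "/" substr($1, 2)
            policy[key] = $2; order[++n] = key; next
        }
        /^-A / {                                     # "-A INPUT ... -j ACCEPT"
            key = table "/" $2; rules[key]++
            for (i = 3; i < NF; i++)                 # count targets other than ACCEPT
                if (($i == "-j" || $i == "-g") && $(i + 1) != "ACCEPT") other[key]++
        }
        END {
            for (k = 1; k <= n; k++) {
                key = order[k]
                if (key != "filter/INPUT" && key != "filter/FORWARD") continue
                if (policy[key] != "ACCEPT")  verdict = "default-deny"
                else if (other[key] + 0 == 0) verdict = "accepts-everything"
                else                          verdict = "review"
                printf "%s policy=%s rules=%d %s\n", key, policy[key], rules[key], verdict
            }
        }'
}
sample_article() {        # filter table copied from the example output above
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [123:456]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}
sample_default_drop() {   # constructed parser input, not a complete ruleset
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}
sample_article | audit_policies
sample_default_drop | audit_policies
```

For the article's sample, both chains report accepts-everything: with a default policy of ACCEPT and only ACCEPT rules, the port 22 and 80 rules do not restrict anything. On a live host the same function can be fed with: sudo iptables-save | audit_policies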

Use case 2: Print the iptables configuration of a specific table

Code:

sudo iptables-save --table table

Motivation: The motivation for using this example is to view the configuration of a specific table within the ‘iptables’ firewall. This can be useful when troubleshooting or inspecting a particular table’s rules.

Explanation: The command ‘iptables-save’ supports the ‘--table’ argument, which selects a single table to print. Replace ‘table’ in the code above with the name of the desired table (e.g., ‘filter’, ‘nat’, ‘mangle’).

Example output:

# Generated by iptables-save v1.4.21 on Thu May 20 10:10:10 2021
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [123:456]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT

This output is the same as in the previous example, demonstrating the configuration of the ‘filter’ table within the ‘iptables’ firewall.

Use case 3: Save the iptables configuration to a file

Code:

sudo iptables-save --file path/to/file

Motivation: The motivation for using this example is to save the current ‘iptables’ firewall configuration to a file. This can be useful for documentation purposes, or to restore the configuration at a later time.

Explanation: The command ‘iptables-save’ supports the ‘--file’ argument, which sets the file path where the configuration will be saved. Replace ‘path/to/file’ in the code above with the desired file path and name.

Example output:

No output will be displayed when using this command. The ‘iptables’ configuration will be saved directly to the specified file.

Conclusion:

The ‘iptables-save’ command is a versatile tool for managing the configuration of the ‘iptables’ firewall in IPv4. It allows users to print the current configuration, view specific tables, and save the configuration to a file. By understanding and utilizing these use cases, users can effectively manage their firewall rules and settings.
