16.4. Storing iptables Information

Rules created with the iptables command are stored in memory. If the system is restarted after setting up iptables

/sbin/service iptables save

This executes the iptables init script, which runs the /sbin/iptables-save program and writes the current iptables configuration to the /etc/sysconfig/iptables. This file should only be readable by root.

The next time the system boots, the iptables init script will reapply the rules saved in /etc/sysconfig/iptables by using the /sbin/iptables-restore command.

While it is always a good idea to test a new iptables rule before committing it to the /etc/sysconfig/iptables file, it is possible to copy iptablesiptables rules to multiple machines.

	Important
	If distributing the /etc/sysconfig/iptables file to other machines, type /sbin/service iptables restart for the new rules take effect.