As mentioned above the iptables-services was installed by me:
~]# rpm -aq iptables-services

Enabling the service with systemctl enable rvice instead of using systemctl enable iptables seems to make no difference because the same service file is linked:
~]# systemctl disable iptables

What is the problem here? I'm slowly getting gray hairs. It seems that the saved rules are not loaded at boot-time or that the "default"-rules are not flushed or whatever. When calling iptables-restore -c /etc/sysconfig/iptables the expected rules are displayed. I don't understand where the other rules come from.

REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT udp -- anywhere anywhere udp dpt:bootpc
# Generated by iptables-save v1.4.21 on Thu Aug 20 10:46:40 2015

A quick check to see if my rules are correct for now:
~]# iptables -L

But after rebooting the server the iptables rules look like:
~]# iptables -L
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT all -- anywhere 10.0.1.0/24 ctstate RELATED,ESTABLISHED
-A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill

My iptables-file looks:
# Generated by iptables-save v1.4.21 on Thu Aug 20 10:46:40 2015

Now I save my settings with the following command:
iptables-save > /etc/sysconfig/iptables
iptables -A FORWARD -i enp6s0 -o virbr0 -j ACCEPT
iptables -t nat -A POSTROUTING -o enp6s0 -j MASQUERADE

My rules for iptables are the following:
iptables -Z

SELinux is disabled by editing /etc/sysconfig/selinux.

To use iptables instead of firewalld I install iptables-service and do:
systemctl stop firewalld

I installed a minimal CentOS 7 version on a development server to virtualize some Linux guests with kvm/qemu.