Best way to manage custom IP tables rules

Whoever
Posts: 1127
Joined: 2013/09/06 03:12:10

Best way to manage custom IP tables rules

Post by Whoever » 2020/04/11 01:27:24

I have a complex IPTables rule set which exists as a bash script on a CentOS 6 machine.

I now need to bring that rule set to CentOS 7. The rules are sufficiently complex that it is impractical to re-code them using native tools. The script uses variables and is commented, which makes editing them simpler.

What's the best way to bring this into a CentOS 7 VM without losing the ability to easily comment the rules?

TrevorH
Forum Moderator
Posts: 29432
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Best way to manage custom IP tables rules

Post by TrevorH » 2020/04/11 03:20:48

Run service iptables save on the CentOS 6 machine then copy /etc/sysconfig/iptables from there to the CentOS 7 machine.

yum remove firewall\*
yum install iptables iptables-services
systemctl enable iptables.service
systemctl start iptables
CentOS 6 will die in November 2020 - migrate sooner rather than later!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

jlehtone
Posts: 3020
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Best way to manage custom IP tables rules

Post by jlehtone » 2020/04/11 08:48:14

In other words:
1. Get rid of firewalld
2. Get the familiar iptables.service
3. Update your script to match interface names on the C7 system
4. Run your script
5. Be happy. For now ...
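
An added example, not part of any post in this thread: if the saved /etc/sysconfig/iptables file is copied over as suggested above, the interface-name change from step 3 has to be made in that file too. The sketch below rewrites only the name that follows -i or -o; the interface names (eth0, eth1, ens192, ens224), the sample rules and the function names remap_ifaces and sample_rules are constructed for illustration.

```bash
#!/bin/sh
# Added example: rename interfaces in an iptables-save style rules file.
# Interface names below are assumptions; read the real ones from `ip link`.

# remap_ifaces OLD=NEW [OLD=NEW ...] < rules > rules.new
# Only the argument right after -i or -o is changed, so comment text and
# longer names such as eth0.100 are left alone.
remap_ifaces() {
    awk -v maps="$*" '
    BEGIN {
        FS = "[ ]"; OFS = " "          # split on single spaces, keep spacing
        n = split(maps, pair, " ")
        for (k = 1; k <= n; k++) { split(pair[k], kv, "="); to[kv[1]] = kv[2] }
    }
    /^-A / {
        inq = 0                         # inside a quoted --comment string?
        for (i = 1; i < NF; i++) {
            if (!inq && ($i == "-i" || $i == "-o") && ($(i + 1) in to))
                $(i + 1) = to[$(i + 1)]
            tok = $i
            gsub(/\\"/, "", tok)        # ignore escaped quotes
            if (gsub(/"/, "", tok) % 2) inq = !inq
        }
    }
    { print }'
}

# Constructed sample in the format written by `service iptables save`.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -m comment --comment "ssh via -i eth0 only" -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0.100 -o eth1 -j ACCEPT
COMMIT
EOF
}

# Demo: print the sample with eth0 -> ens192 and eth1 -> ens224.
sample_rules | remap_ifaces eth0=ens192 eth1=ens224
```

The rewritten file can be checked with iptables-restore --test before it is put in place, which parses the rules without loading them.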
