Best way to manage custom IP tables rules

Whoever
Posts: 1361
Joined: 2013/09/06 03:12:10

Post by Whoever » 2020/04/11 01:27:24

I have a complex IPTables rule set which exists as a bash script on a CentOS 6 machine.

I now need to bring that rule set to CentOS 7. The rules are sufficiently complex that it is impractical to re-code them using native tools. The script uses variables and is commented, which makes editing them simpler.

What's the best way to bring this into a CentOS 7 VM without losing the ability to easily comment the rules?

TrevorH
Site Admin
Posts: 33216
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Best way to manage custom IP tables rules

Post by TrevorH » 2020/04/11 03:20:48

Run service iptables save on the CentOS 6 machine then copy /etc/sysconfig/iptables from there to the CentOS 7 machine.

yum remove firewall\*
yum install iptables iptables-services
systemctl enable iptables.service
systemctl start iptables

The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

jlehtone
Posts: 4531
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Best way to manage custom IP tables rules

Post by jlehtone » 2020/04/11 08:48:14

In other words:
1. Get rid of firewalld
2. Get the familiar iptables.service
3. Update your script to match interface names on the C7 system
4. Run your script
5. Be happy. For now ...
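
For step 3 above, one way to spot rules that still name the old machine's interfaces, as an added example that is not from any poster in this thread: it scans an iptables-save format file (the format of /etc/sysconfig/iptables) for -i/-o matches and prints the names that are absent on the host. The function names, sample rules and interface list are constructed for illustration.

```shell
# Added example: find -i/-o interface names in a rules file that the host lacks.
# Print the unique interface names used by -i/-o matches in rules file $1.
rule_interfaces() {
    awk '/^-A / {
        for (i = 1; i < NF; i++)
            if ($i ~ /^(-i|-o|--in-interface|--out-interface)$/) {
                n = i + 1
                if ($n == "!") n++      # older "-i ! eth0" negation form
                print $n
            }
    }' "$1" | LC_ALL=C sort -u
}

# Succeed if rule name $1 matches a name in the space-separated list $2.
# A trailing "+" is the iptables wildcard: "tun+" matches tun0, tun1, ...
iface_known() {
    for have in $2; do
        case $1 in
            *+) case $have in "${1%+}"*) return 0 ;; esac ;;
            *)  if [ "$have" = "$1" ]; then return 0; fi ;;
        esac
    done
    return 1
}

# Print rule interfaces from file $1 that are missing from list $2
# (default: the interfaces the kernel exposes under /sys/class/net).
stale_interfaces() {
    present=${2-$(ls /sys/class/net 2>/dev/null)}
    rule_interfaces "$1" | while read -r name; do
        iface_known "$name" "$present" || echo "$name"
    done
}

# Constructed sample rules using CentOS 6 style eth* names.
sample_rules() {
    cat <<'EOF'
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT ! -i eth1 -p tcp -m tcp --dport 3306 -j DROP
-A FORWARD -i tun+ -o eth0 -j ACCEPT
COMMIT
EOF
}

tmp=$(mktemp) && sample_rules > "$tmp"
stale_interfaces "$tmp" "lo ens192 tun0"   # constructed C7 interface list
rm -f "$tmp"
```

On the CentOS 7 machine, `stale_interfaces /etc/sysconfig/iptables` with no second argument compares against the live interface list; any name it prints belongs to a rule that will match no traffic there.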
