[CentOS] Iptables not save rules

Tue Sep 13 13:09:50 UTC 2016
Jon LaBadie <jcu at labadie.us>

On Tue, Sep 13, 2016 at 08:16:28AM -0400, TE Dukes wrote:
> 
> 
> > -----Original Message-----
> > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> > Behalf Of John R Pierce
> > Sent: Sunday, September 11, 2016 10:44 PM
> > To: centos at centos.org
> > Subject: Re: [CentOS] Iptables not save rules
> > 
> > On 9/11/2016 8:55 AM, TE Dukes wrote:
> > > I have been using ipset to blacklist badbots. Works like a champ!
> > >
> > > The only problem is if I do a  system reboot, I lose the ipset and the
> rule.
> > >
> > > I changed /etc/sysconfig/iptables.conf to:
> > >
> > > IPTABLES_SAVE_ON_RESTART="yes"
> > > IPTABLES_SAVE_ON_STOP="yes"
> > >
> > > And followed the instructions in:
> > >
> > > https://www.centos.org/forums/viewtopic.php?t=3853
> > >
> > > The changes are still not saved.
> > 
> > wild guess says, you need to ...
> > 
> >      chkconfig on ipset
> >      service ipset start
> > 
> > and when you change ipset stuff,
> > 
> >      service ipset save
> > 
> > 
> > but I'm just guessing, I've never used ipsets.
> > 
> > 
> > --
> > john r pierce, recycling bits in santa cruz
> [Thomas E Dukes] 
> THANKS!!
> 
> I did not realize ipset was running as a service.
> 
> Been trying figure out what was wrong for a couple weeks.
> 
> Only way to know is to do a reboot and see what happens. Ipset save xxxxxx
> apparently doesn't really do anything.

No, but

  ipset save blacklist > blacklist.save

might.

jl
-- 
Jon H. LaBadie                 jon at jgcomp.com
 11226 South Shore Rd.          (703) 787-0688 (H)
 Reston, VA  20190              (703) 935-6720 (C)