How can I use docker without sudo?

Question

Eaten by a Grue

Asked: 2014-07-06 19:21:40 +0800 CST2014-07-06 19:21:40 +0800 CST 2014-07-06 19:21:40 +0800 CST

keep iptables up to date

772

I've installed iptables-persistent (Ubuntu 14.04) with the impression that it automatically saves iptables on shutdown but that appears not to be the case? It seem to load saved rules at startup but unless I save them beforehand (service iptables-persistent save) they are loaded from an older ruleset.

Am I doing something wrong or is this the way the iptables-persistent package is meant to behave?

Is there a recommended method of keeping /etc/iptables/rules.v4 current so that it is always up to date in the event of an unexpected power outage, or in case I restart and forget to save the rules?

I've considered using a cron script but really not sure if I am simply misunderstanding or have something configured wrong.

3 Answers

Voted

Panther · Answer 1 · 2014-07-06T21:29:34+08:00

Panther

2014-07-06T21:29:34+08:002014-07-06T21:29:34+08:00

By default, Ubuntu uses ufw. You are going to be best off using ufw to configure iptables.

If you wish to use iptables directly, you can the use iptable-persistent, but you must save your rules first.

I believe this command will help:

sudo bash -c "iptables-save > /etc/iptables/rules"

You can do this without installing iptables-persistent :

Other examples:

2

snapfractalpop · Answer 2 · 2017-09-05T03:07:25+08:00

You are correct that the iptables-persistent package does not automatically save your rules for you on shutdown. This can help prevent being locked out of a remote system.

/usr/share/doc/iptables-persistent/README:

The Debian Package iptables-persistent
----------------------------

This is a very simple script that restores the file /etc/iptables/rules.v4 as
the active ruleset at system boot.

If it exists, IPv6 rules are also restored from /etc/iptables/rules.v6

Loading of rules is guaranteed to happen before network interfaces are
brought up.

To save the current ruleset, use "iptables-save >/etc/iptables/rules.v4"
or "ip6tables-save >/etc/iptables/rules.v6", or
"invoke-rc.d iptables-persistent save"

 -- Simon Richter <[email protected]>  Wed, 01 Jul 2009 13:43:43 +0200
 -- Jonathan Wiltshire <[email protected]>  Thu, 30 Dec 2010 00:00:00 +0000

When the iptables-persistent package is first installed, it asks you if you want to save your current configuration. I believe you can also trigger this with sudo dpkg-reconfigure iptables-persistent.

arcticmac · Answer 3 · 2016-02-24T10:49:14+08:00

arcticmac

2016-02-24T10:49:14+08:002016-02-24T10:49:14+08:00

Recent versions of iptables-persistent save the state of rules once at configuration time, rather than repeatedly at every reboot. It appears that this used to work differently...

0

keep iptables up to date

How to install Google Chrome

Is there a command to list all users? Also to add, delete, modify users, in the terminal?

How to delete a non-empty directory in Terminal?

How to unzip a zip file from the Terminal?

How can I copy the contents of a folder to another folder in a different directory using terminal?

How do I install a .deb file via the command line?

How do I run .sh scripts?

How do I install a .tar.gz (or .tar.bz2) file?

How to list all installed packages

Unable to lock the administration directory (/var/lib/dpkg/) is another process using it?