The following lines allow SMTP and HTTP traffic through an IPTABLES firewall. But this information is not automatically saved and reloaded if the service restarts.
iptables -I INPUT -p tcp –dport 25 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables -I INPUT -p tcp –dport 80 -m state –state NEW,ESTABLISHED -j ACCEPT
iptables-save
Whenever you make a change to your firewall, on a Fedora/CentOS type system, you will want to save the changes.
The output can be redirected to a file.
# iptables-save > /root/firewall-rules
The following command line restores all rules from /root/firewall-rules assuming that the file /root/firewall-rules exists.
# iptables-restore < /root/firewall-rules
By default, iptables-restore deletes all existing rules before restoring the saved rules. If the saved rules are to be appended to existing rules, use the -n or –noflush option.
Save Your Firewall and Load on Restart
You will need to edit the /etc/sysconfig/iptables-config as root to help iptables save and reload your firewall correctly. Be sure the following settings are changed to “yes”.
# Unload modules on restart and stop
# Value: yes|no, default: yes
# This option has to be ‘yes’ to get to a sane state for a firewall
# restart or stop. Only set to ‘no’ if there are problems unloading netfilter
# modules.
IPTABLES_MODULES_UNLOAD=”yes”
# Save current firewall rules on stop.
# Value: yes|no, default: no
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped
# (e.g. on system shutdown).
IPTABLES_SAVE_ON_STOP=”yes”
# Save current firewall rules on restart.
# Value: yes|no, default: no
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets
# restarted.
IPTABLES_SAVE_ON_RESTART=”yes”