How To Migrate Iptables Firewall Rules To A New Server

Lawrence Member
edited May 2017 in Linux Applications


Introduction

When migrating from one server to another, it is often desirable to migrate the iptables firewall rules as part of the process. This tutorial will show you how to easily copy your active iptables rule set from one server to another.


Export Iptables Rules

Before we start migrating our iptables rules, let's see what they are currently set to:

iptables -S

It should look something like our example:

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT


Now we can export the current rules to a new file. For this we will use the iptables-save command:

iptables-save > iptables-export

This creates a new file, iptables-export, which we can use on a different server to load the firewall rules.


Import Iptables Rules

First, we need to move the newly created iptables-export file to the other server. This can be done in many ways, for example with an FTP client such as FileZilla, or simply with scp:

scp iptables-export user@server_ip_address:/tmp

Here user is a user on the other server (you can use 'root' as well), server_ip_address is the IP address of the destination server, and /tmp is the directory into which the file will be transferred.

Now that the file is on the other server, we can load the rules from it into iptables. For this we will use the iptables-restore command:

iptables-restore < /tmp/iptables-export

This will load the rules into iptables. You can verify this with the command:

iptables -S
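
A pre-flight check to run against the copied file before iptables-restore, added here as an illustration and not part of the original tutorial: it verifies that the export is complete, that loading it would not close the SSH port you are connected on, and lists rules bound to the old server's addresses or interfaces. The function names and the sample data are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the tutorial); function names are hypothetical.

# Constructed sample: the tutorial's example rules in iptables-save format.
sample_export() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# Every "*table" section must be closed by COMMIT; a mismatch usually means
# the file was truncated in transfer.
export_is_complete() {
    awk '/^\*/ { t++ } $0 == "COMMIT" { c++ }
         END { exit !(t > 0 && t == c) }' "$1"
}

# Heuristic lock-out check on the filter table's INPUT chain: succeeds if an
# unrestricted ACCEPT for tcp PORT (default 22) comes before any catch-all
# DROP/REJECT, or if nothing decides and the chain policy is ACCEPT.
ssh_stays_open() {
    awk -v port="${2:-22}" '
        /^\*/ { in_filter = ($0 == "*filter"); next }
        !in_filter || decided { next }
        /^:INPUT / { policy = $2; next }
        /^-A INPUT -j (DROP|REJECT)/ { decided = 1; ok = 0; next }
        /^-A INPUT / && / -p tcp / && / -j ACCEPT$/ && $0 !~ / (-s|-i) / &&
            index($0, " --dport " port " ") { decided = 1; ok = 1 }
        END { if (!decided) ok = (policy == "ACCEPT"); exit !ok }
    ' "$1"
}

# Print (with line numbers) rules tied to addresses or interfaces of the old
# server; review these before loading the file elsewhere.
host_specific_rules() {
    grep -nE '^-A .* (-s|-d|-i|-o|--to-destination|--to-source) ' "$1" || true
}
```

On the new server, call the functions with /tmp/iptables-export as the file argument; iptables-restore --test < /tmp/iptables-export additionally parses the file without committing it.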


Save Rules

The easiest way to save iptables rules so that they persist after a server reboot is to use iptables-persistent:

apt-get install iptables-persistent

In the future, after updating your firewall rules, do not forget to run this command:

invoke-rc.d iptables-persistent save


Conclusion

That's it! Your firewall rules have been migrated from one of your servers to another.