Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 7 years ago.
I'm trying to redirect http traffic to port 8080 on the same machine and have the iptables rules below working.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 8080
I'm trying to figure out how to make this change permanent incase of a reboot of the system.
I'm using Ubuntu 11.10 server.
One way to do this would be:
vim /etc/network/interfaces
Append the below line along with your lo directives:
post-up /sbin/iptables-restore < /etc/iptables-up.rules
Now run the below command
iptables-save > /etc/iptables-up.rules
I hope this helps.
Ubuntu (and Debian) offer the package iptables-persistent (Debian: http://packages.debian.org/wheezy/iptables-persistent , Ubuntu: http://packages.ubuntu.com/saucy/iptables-persistent) , which does exactly what you want. As root, or via sudo:
apt-get install iptables-persistent
iptables-save > /etc/iptables/rules.v4
If you're working with ip6tables, you'll want to also ip6tables-save > /etc/iptables/rules.v6.
You must save the tables again (iptables-save > /etc/iptables/rules.v4, ip6tables-save > /etc/iptables/rules.v6) after any change you make.
On older versions (before iptables-0.5, and before Debian Wheezy) you will need write to a different file:
iptables-save > /etc/iptables/rules
Can't we do the same thing with rc.local but perform the following steps
iptables-save > current_iptables_rules
Then go into /etc/rc.local and enter the following
iptables-restore < current_iptables_rules
Won't that accomplish the same thing? I could be missing something.
Add them to /etc/ufw/before.rules. The syntax is a little different but you'll see how it works.
UFW is the Ubuntu firewall frontend to iptables. You might need to enable UFW using sudo ufw enable, but you can just not set any rules inside ufw.
