fredstar
Posts: 4
Joined: Mon Jul 08, 2019 11:03 pm

iptables not saving after reboot

Mon Jul 08, 2019 11:05 pm

Have a Pi 3B+ with latest Raspbian Buster with desktop installed
Have also installed a USB to ethernet dongle
Have installed and have up and running
Isc-dhcp server
Dnsmasq
Openvpn
Network config is as follows:
ADSL modem -> eth0 RPi ----> eth1 Pi -> switch -> home PC’s
I have followed a guide on the set up of the open vpn with iptables and using iptables-persistent to save the changes.
I used the following article to config iptables
https://www.instructables.com/id/Raspbe ... N-Gateway/
All works ok until the RPi is rebooted – it loses the iptables rules
Any idea what is going wrong?
Very new to all this linux stuff

epoch1970
Posts: 4114
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: iptables not saving after reboot

Tue Jul 09, 2019 8:36 am

fredstar wrote:
Mon Jul 08, 2019 11:05 pm
Have installed and have up and running
Isc-dhcp server
Dnsmasq
ISC-dhcpd is a DHCP server, dnsmasq is a DHCP server and DNS server+cache/forwarder.
Running 2 DHCP servers on the same network is ill-advised.
Do you need both applications?

No idea regarding your iptables issue. The rules were either not saved or are not restored at boot.
From the command line, right after boot, use “iptables -L”, “iptables -t nat -L” to assess the situation.
If no rules were loaded see if running iptables-restore does anything useful.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

fredstar
Posts: 4
Joined: Mon Jul 08, 2019 11:03 pm

Re: iptables not saving after reboot

Tue Jul 09, 2019 9:32 pm

Never knew DNSMasq was a DHCP Server
Will uninstall isc and config dnsmasq as the dhcp server
Will check the out put of the iptables command

fredstar
Posts: 4
Joined: Mon Jul 08, 2019 11:03 pm

Re: iptables not saving after reboot

Wed Jul 10, 2019 9:10 am

Output of iptables commands
pi@raspberrypi:~ $ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination


pi@raspberrypi:~ $ sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination

From what I can tell none of the iptables rules load

fredstar
Posts: 4
Joined: Mon Jul 08, 2019 11:03 pm

Re: iptables not saving after reboot

Sun Jul 14, 2019 10:27 pm

Managed to resolve my issue by adding the following:
pre-up iptables-restore < /etc/network/iptables.rules
to
/etc/network/interfaces.

bluenote
Posts: 94
Joined: Thu Feb 05, 2015 8:25 am

Re: iptables not saving after reboot

Wed Aug 21, 2019 6:53 pm

fredstar wrote:
Sun Jul 14, 2019 10:27 pm
Managed to resolve my issue by adding the following:
pre-up iptables-restore < /etc/network/iptables.rules
to
/etc/network/interfaces.
This isn't working for me, could you confirm? I can do iptables-restore < /etc/network/iptables.rules and that works.
Last edited by bluenote on Wed Aug 21, 2019 7:13 pm, edited 1 time in total.

epoch1970
Posts: 4114
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: iptables not saving after reboot

Wed Aug 21, 2019 7:04 pm

The “pre-up” bit is a keyword valid only in /etc/network/interfaces. Since the use of that file is deprecated, do not concern yourself with it.

You can add command “iptables-restore < /etc/iptables.rules” in file /etc/rc.local to get the iptables rules restored at boot time.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

bluenote
Posts: 94
Joined: Thu Feb 05, 2015 8:25 am

Re: iptables not saving after reboot

Wed Aug 21, 2019 7:52 pm

epoch1970 wrote:
Wed Aug 21, 2019 7:04 pm
The “pre-up” bit is a keyword valid only in /etc/network/interfaces. Since the use of that file is deprecated, do not concern yourself with it.

You can add command “iptables-restore < /etc/iptables.rules” in file /etc/rc.local to get the iptables rules restored at boot time.
Thank you that suggestion worked.

Return to “Beginners”