iptables-save

Back up iptables table configuration

Supplementary instructions

iptables-save command is used to export the iptables table in the Linux kernel to the standard output device vendor. Usually, the I/O redirection function in the shell is used to save its output to a specified file.

grammar

iptables-save (option)

Options

-c: When specifying the iptables table to be saved, save the current packet counter and byte counter values;
-t: Specify the name of the table to be saved.

Example

[root@localhost ~]# iptables-save -t filter > iptables.bak
[root@localhost ~]# cat iptables.bak
# Generated by iptables-save v1.3.5 on Thu Dec 26 21:25:15 2013
*filter
:INPUT DROP [48113:2690676]
:FORWARD accept [0:0]
:OUTPUT ACCEPT [3381959:1818595115]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
COMMIT