Giter Site home page Giter Site logo

ipsets-persistent's Introduction

ipsets-persistent

init.d script for iptables-persistent on Debian/Ubuntu that also saves/loads IP sets.

I added checking for and saving IP sets. Sets are saved in the same place as other rules in a file named rules.ipset. Sets are only saved if they are defined, same with flushing and loading. Instead of checking to see if the module is loaded at load time, I just check for the rules.ipset file, since if that doesn't exist loading the module does't make sense. There might be better ways to do it, feel free to submit a pull request. This is just the way I made it work for me.

Added 10-ipset, which goes into /usr/share/netfilter-persistent/plugins.d/ to enable IP sets handling for the newer netfilter-presistent package on Debian Jessie.

ipsets-persistent's People

Contributors

jordanrinke avatar mastergroosha avatar szepeviktor avatar vkill avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar

Forkers

thordin xmcsi frederic-joventures alainramon koskv vkill drstoehr jorisd gardner freskimo szepeviktor xxorax mharrend ccaiccie noodled eskalartedexter razdolbay-dev farhadh91

ipsets-persistent's Issues

How to install it?

Sorry for such question, however I'm not very familiar with systemd in Ubuntu 16.04 and installing your service using manual didn't seem to work.
Steps I performed:

  1. Downloaded iptables-persistent script and placed it to /etc/init.d
  2. Created folder /etc/iptables
  3. Created file /etc/systemd/system/iptables-persistent.service with the following content:
[Unit]
Description=Make iptables/ipset persistent

[Service]
Type=simple
ExecStart=/etc/init.d/iptables-persistent start
Restart=on-failure

Then started it via sudo service iptables-persistent start and saved my current config via sudo service iptables-persistent save. Current config was successfully written to /etc/iptables

However after reboot, both ipset -L and iptables -L return empty values.
From the sudo service iptables-persistent status I see:

โ— iptables-persistent.service - Make iptables/ipset persistent
   Loaded: loaded (/etc/systemd/system/iptables-persistent.service; static; vendor preset: enabled)
   Active: inactive (dead)

oct 05 11:14:25 router iptables-persistent[1093]:  *  IPv4...
oct 05 11:14:25 router iptables-persistent[1093]:  *  IPv6...
oct 05 11:14:25 router iptables-persistent[1093]:    ...fail!
oct 05 11:14:25 router systemd[1]: iptables-persistent.service: Main process exited, code=exited, status=1/FAILURE
oct 05 11:14:25 router systemd[1]: iptables-persistent.service: Unit entered failed state.
oct 05 11:14:25 router systemd[1]: iptables-persistent.service: Failed with result 'exit-code'.
oct 05 11:14:25 router systemd[1]: iptables-persistent.service: Service hold-off time over, scheduling restart.
oct 05 11:14:25 router systemd[1]: Stopped Make iptables/ipset persistent.
oct 05 11:14:25 router systemd[1]: iptables-persistent.service: Start request repeated too quickly.
oct 05 11:14:25 router systemd[1]: Failed to start Make iptables/ipset persistent.

Could you please explain what I'm doing wrong?

P.S. In sudo service iptables-persistent status I see a line: * Skipping IPset (no rules to load), though rules.ipset file in /etc/iptables has the necessary strings.

Need clear instructions for different systems

I would like to use this plugin on Ubuntu 14.04. What is unclear to me is whether or not I can use this with iptables-persistent, whether netfilter-persistent is required, and how exactly to use the plugin.

Can this be used on systems with init rather than systemd? If so how should I install it?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.