iptables-restore command in Linux with examples

The iptables-restore and ip6tables-restore commands are essential tools for managing IP and IPv6 tables in Linux. These commands are used to restore firewall rules from a specified file or directly from the standard input (STDIN). This feature is particularly useful for system administrators who need to quickly apply saved firewall configurations during system startup or after making changes to the network security setup.

Syntax:

iptables-restore [-chntv] [-M modprobe] [-T name] [file]
ip6tables-restore [-chntv] [-M modprobe] [-T name] [file]

Options for iptables-restore and ip6tables-restore

• -c, --counters: This option restores the values of all packet and byte counters.
• -h, --help: This option prints a short option summary.
• -n, --noflush: This option doesn't flush the previous contents of the table. If it is not specified, both the commands flush (delete) all previous contents of the respective table.
• -t, --test: This option only parses and constructs the ruleset, but do not commit it.
• -v, --verbose: This option prints additional debug info during ruleset processing.
• -M, --modprobe modprobe_program: This option Specifies the path to the modprobe program. By default, the iptables-restore will going to inspect '/proc/sys/kernel/modprobe' to determine the executable's path.
• -T, --table name: This option restores only the named table even if the input stream contains other ones.

iptables-restore command Example in Linux

1. Create a new 'iptable' which helps in restoring.

Before restoring rules, it's a good practice to save the current firewall configuration. You can do this with the 'iptables-save' command:

This command saves the current IP tables to a file named 'iptables.rules', which can be restored later using 'iptables-restore'.

2. It will create a new file named 'iptableslist.txt'. To see the contents of file run the following command on the terminal:

3. The content of the file is:

4. Now the last step is to restore from that file we just created. We can simply restore 'iptables' using the following command.

Conclusion

The 'iptables-restore' and 'ip6tables-restore' commands are powerful tools for managing firewall configurations in Linux. By allowing system administrators to restore IP and IPv6 tables from saved configurations, these commands simplify the process of applying complex firewall rules, enhance system security, and ensure consistency across reboots.