Where are iptables's rulesets stored on Ubuntu 12.04?

Solution 1:

iptables stores the rules in memory, but the ruleset created by iptables-save ruleset-name can be found in the file:

/var/lib/iptables/ruleset-name

These can be restored by invoking iptables-restore <ruleset-name>.

I can only confirm this for Ubuntu 12.04.03 LTS - maybe this location has changed in later versions of the iptables package.

I think something like /etc/iptables/rulesets.d would have been a more logical place to store these.

The save path is configured in /etc/init.d/iptables at line 27 and is afterwards used by initd_save(), which invokes initd_counters().

libdir=/var/lib/iptables

# ...

initd_counters () {
  if test "${enable_save_counters:-false}" = true; then
    echo -n " with counters"
    $iptables_save -c > "$ruleset"
  else
    $iptables_save | sed '/^:/s@\[[0-9]\{1,\}:[0-9]\{1,\}\]@[0:0]@g' > "$ruleset"
  fi
}

initd_save () {
  rm -f $autosave
  ruleset="${libdir}/$@"
  echo -n "Saving iptables ruleset: save \"$@\""
  initd_counters
  echo "."
}
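
Since the running rules live in memory and the init script writes a copy (with chain counters zeroed unless counter saving is enabled) under /var/lib/iptables, a saved ruleset can be compared with a later dump to see whether the rules have changed. The script below is an added example, not part of the original answer or of /etc/init.d/iptables; the function names normalize_ruleset, ruleset_matches and make_samples and the sample dumps are assumptions constructed for illustration.

```shell
# Added example: detect drift between a saved ruleset and a later dump.

# Drop what legitimately changes between dumps: "#" comment lines (timestamps),
# chain-policy counters (the init script's own sed expression) and the
# "[pkts:bytes] " prefix that iptables-save -c puts before each rule.
normalize_ruleset() {
  sed -e '/^#/d' \
      -e '/^:/s@\[[0-9]\{1,\}:[0-9]\{1,\}\]@[0:0]@g' \
      -e 's@^\[[0-9]\{1,\}:[0-9]\{1,\}\] @@'
}

# ruleset_matches SAVED LIVE: 0 = same rules, 1 = drift (diff printed), 2 = unreadable file.
ruleset_matches() {
  [ -r "$1" ] && [ -r "$2" ] || return 2
  a=$(mktemp) && b=$(mktemp) || return 2
  normalize_ruleset < "$1" > "$a"
  normalize_ruleset < "$2" > "$b"
  if diff -u "$a" "$b"; then rc=0; else rc=1; fi
  rm -f "$a" "$b"
  return "$rc"
}

# make_samples DIR: write constructed dumps (not from a real host) into DIR.
make_samples() {
  cat > "$1/saved" <<'EOF'
# Generated by iptables-save on Wed Jan  1 00:00:00 2014
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
  # Same rules dumped later with -c: only counters and timestamp differ.
  cat > "$1/live_same" <<'EOF'
# Generated by iptables-save on Thu Jan  2 09:30:00 2014
*filter
:INPUT DROP [120:9000]
[12:840] -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
  # As live_same, plus one rule that is not in the saved ruleset.
  sed '/^COMMIT$/d' "$1/live_same" > "$1/live_changed"
  printf '%s\n' '[0:0] -A INPUT -s 203.0.113.7/32 -j ACCEPT' COMMIT >> "$1/live_changed"
}

demo_dir=$(mktemp -d) && make_samples "$demo_dir"
for f in live_same live_changed; do
  if ruleset_matches "$demo_dir/saved" "$demo_dir/$f"; then echo "$f: matches"
  else echo "$f: DRIFT"; fi
done
rm -rf "$demo_dir"
```

On a real host the live side would be the output of iptables-save redirected to a file, and the saved side the file under /var/lib/iptables.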