persist port routing from 80 to 8080
I use an Amazon EC2 instance which works via Ubuntu. By default, according to security restrictions, I can't bind my application to port 80, so I just bind it to port 8080 and then set a routing redirect from port 80 to 8080 via the following command:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080
But I found that when I reboot the server these settings are no longer active until I invoke this command again.
So my question is: how to make the port redirect work even if the system was rebooted?
You can add this command in /etc/rc.local, so it will be executed automatically after reboot.
Use the iptables-save command instead.
Firewall rules should never go into the rc.local script. rc.local is the last thing to be executed. If a block rule has been placed into rc.local, there is a small time frame where an attacker can exploit a rule not being in place.
While it probably doesn't matter with this situation, it is still best to not get into a bad habit that may bite you later.
Here is how the official iptables documentation teaches us. See here
Add these two lines in /etc/network/interfaces:
pre-up iptables-restore < /etc/iptables.rules
post-down iptables-save > /etc/iptables.rules
The line post-down iptables-save > /etc/iptables.rules will save the rules to be used on the next boot.
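
A check for the setup described in the answers above, as an added example that is not part of the original posts: it confirms that a saved rules file contains the nat redirect from port 80 to 8080 and that the interfaces file restores that file at pre-up. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: will the 80 -> 8080 redirect survive a reboot?

# 0 if iptables-save dump $1 redirects TCP port $2 to $3 in nat PREROUTING.
# iptables-save writes the target option in its long form, --to-ports.
has_redirect_rule() {
    awk -v dport="$2" -v toport="$3" '
        /^\*/ { table = substr($0, 2) }   # table header: *nat, *filter, ...
        table == "nat" && /^-A PREROUTING / {
            d = t = j = 0
            for (i = 1; i < NF; i++) {
                if ($i == "--dport" && $(i+1) == dport) d = 1
                if ($i == "--to-ports" && $(i+1) == toport) t = 1
                if ($i == "-j" && $(i+1) == "REDIRECT") j = 1
            }
            if (d && t && j) found = 1
        }
        END { exit (found ? 0 : 1) }' "$1"
}

# 0 if interfaces file $1 has an uncommented pre-up restore of rules file $2
# (assumes spaces around "<", as in the answer above).
has_restore_hook() {
    awk -v rules="$2" '
        $1 == "pre-up" && $2 == "iptables-restore" && $3 == "<" && $4 == rules { ok = 1 }
        END { exit (ok ? 0 : 1) }' "$1"
}

# Constructed sample files, not taken from a real host.
tmp=$(mktemp -d)
cat > "$tmp/iptables.rules" <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
EOF
cat > "$tmp/interfaces" <<'EOF'
iface eth0 inet dhcp
    pre-up iptables-restore < /etc/iptables.rules
    post-down iptables-save > /etc/iptables.rules
EOF

if has_redirect_rule "$tmp/iptables.rules" 80 8080 &&
   has_restore_hook "$tmp/interfaces" /etc/iptables.rules; then
    echo "OK: redirect is saved and restored at pre-up"
else
    echo "WARNING: redirect will not persist across a reboot"
fi
```

On a real host, point the two functions at /etc/iptables.rules and /etc/network/interfaces instead of the sample files.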