This guide shows how to move your iptables firewall rules from one server to another.
Getting started
You need the following before starting this tutorial:
- 2 nodes (Cloud Server, or dedicated server)
You will be copying rules from one server to the other, so you may want to give each server a different firewall rule set before you start. That makes it easy to see that the migration worked.
First, check the current iptables rules on server1.
The output should be something like this:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -s 184.108.40.206/32 -j DROP
Next, save the iptables rules on server1 to a file. This is the command to do it:
iptables-save > iptables-rules-file
Now copy the file from server1 to server2. This file is all you need to restore the rules on a different server. In the command below, user@server2 is a placeholder: replace it with your own login and the address of server2.
scp iptables-rules-file user@server2:/root
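Restore the rules on server2 from the file. By default, iptables-restore flushes the existing contents of each table it restores, so the rules previously loaded on server2 are replaced.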
iptables-restore < /root/iptables-rules-file
Review your iptables rules on server2 to make sure they were actually copied.
It should match the previous output from server1.
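To check the result without tripping over the timestamps and packet counters that iptables-save writes, the following added example (not part of the original guide) normalizes two dumps and compares them with rule order preserved. The function names and the sample dumps are constructed for illustration.

```shell
#!/bin/sh
# normalize_rules FILE: drop comment lines (they carry timestamps) and zero
# the [packets:bytes] counters, which change without any rule change.
normalize_rules() {
    sed -e '/^#/d' -e 's/\[[0-9]*:[0-9]*\]/[0:0]/' -e 's/[[:space:]]*$//' "$1"
}

# rules_match A B: status 0 if both dumps hold the same rules in the same order,
# 1 if they differ, 2 if unreadable. Order matters: chains are evaluated top down.
rules_match() {
    a=$(normalize_rules "$1") || return 2
    b=$(normalize_rules "$2") || return 2
    [ "$a" = "$b" ]
}

# rules_diff A B: print differing lines ("<" only in A, ">" only in B).
rules_diff() {
    d=$(mktemp -d) || return 2
    normalize_rules "$1" > "$d/a"; normalize_rules "$2" > "$d/b"
    rc=0; diff "$d/a" "$d/b" || rc=$?
    rm -rf "$d"; return "$rc"
}

# Constructed sample dumps (not real captures); on real hosts each file
# comes from running iptables-save on that server.
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/server1.rules" <<'EOF'
# Generated by iptables-save v1.8.7 on Mon Jan  1 10:00:00 2024
*filter
:INPUT ACCEPT [120:9000]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [80:7000]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
# Completed on Mon Jan  1 10:00:00 2024
EOF
# server2 after a clean restore: same rules, new timestamp and counters.
sed -e 's/10:00:00/10:05:00/' -e 's/\[120:9000\]/[3:180]/' \
    "$tmp/server1.rules" > "$tmp/server2.rules"
# server2 with one rule lost on the way (the port 80 ACCEPT).
grep -v -- '--dport 80' "$tmp/server2.rules" > "$tmp/server2-bad.rules"

for f in server2.rules server2-bad.rules; do
    if rules_match "$tmp/server1.rules" "$tmp/$f"; then echo "$f: match"
    else echo "$f: DIFFERS"; rules_diff "$tmp/server1.rules" "$tmp/$f" || true; fi
done
```

On real servers, pass the file saved on server1 and a fresh iptables-save dump taken on server2 to rules_match.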
That's all! You should now have successfully migrated your iptables rules from one server to another. Refer to the iptables man pages for an idea of what else you can do with this versatile program.