2.20. Loading a Firewall Configuration

Problem

You want to load your firewall rules, e.g., at boot time.

Solution

Use ipchains-restore or iptables-restore, assuming you’ve saved your firewall configuration in /etc/sysconfig [Recipe 2.19]:

For iptables:

#!/bin/sh
echo 1 > /proc/sys/net/ipv4/ip_forward       # optional: enable IP forwarding
iptables-restore < /etc/sysconfig/iptables

For ipchains:

#!/bin/sh
echo 1 > /proc/sys/net/ipv4/ip_forward       # optional: enable IP forwarding
ipchains-restore < /etc/sysconfig/ipchains

To tell Red Hat Linux that firewall rules should be loaded at boot time:

# chkconfig iptables on

# chkconfig ipchains on

Discussion

Place the load commands in one of your system rc files. Red Hat Linux already has rc files “iptables” and “ipchains” in /etc/init.d that you can simply enable using chkconfig. SuSE Linux, in contrast, has a script /sbin/SuSEpersonal-firewall that invokes iptables or ipchains rules, and it’s optionally started by /etc/init.d/personal-firewall.initial and /etc/init.d/personal-firewall.final at boot time.

To roll your own solution, you can write a script like the following and invoke it from an rc file of your choice:

#!/bin/sh
# Uncomment either iptables or ipchains
PROGRAM=/usr/sbin/iptables
#PROGRAM=/sbin/ipchains
FIREWALL=`/bin/basename $PROGRAM`
RULES_FILE=/etc/sysconfig/${FIREWALL}
LOADER=${PROGRAM}-restore
FORWARD_BIT=/proc/sys/net/ipv4/ip_forward
if [ ! -f ${RULES_FILE} ]
then
    echo "$0: Cannot find ${RULES_FILE}" 1>&2
    exit 1
fi
case "$1" in
    start)
        echo 1 > ${FORWARD_BIT}
        ${LOADER} < ${RULES_FILE}
        ...
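The script above trusts whatever it finds in the rules file. The following is an added example (not from the book) of the sanity check a boot-time loader should run first: it refuses a missing, group/world-writable or truncated ruleset, and it enables forwarding only after the policy is in place. It assumes the iptables-save format (every "*table" block closed by a COMMIT line) and the /etc/sysconfig path from Recipe 2.19; the function names are the example's own.

```shell
#!/bin/sh
# Added example, not from the book: validate the saved ruleset before
# iptables-restore consumes it at boot. A missing, truncated or
# writable-by-anyone rules file aborts the load loudly instead of
# leaving the host with an empty or partially applied policy.
RULES_FILE=${RULES_FILE:-/etc/sysconfig/iptables}
FORWARD_BIT=/proc/sys/net/ipv4/ip_forward

# Returns 0 if the file looks like a complete, protected ruleset.
check_rules_file() {
    rules="$1"
    [ -f "$rules" ] || { echo "$0: $rules: no such file" 1>&2; return 1; }
    # Group- or world-writable: whoever can edit the file rewrites the
    # firewall on the next boot (columns 6 and 9 of ls -l are g/o write).
    case "$(ls -ld "$rules" | cut -c6,9)" in
        *w*) echo "$0: $rules is group/world writable" 1>&2; return 1 ;;
    esac
    # Every "*table" header must be closed by its own COMMIT; otherwise
    # the file was cut short (e.g. a disk-full save) and restore would
    # fail or apply only part of the policy.
    n_tables=$(grep -c '^\*' "$rules" || true)
    n_commits=$(grep -c '^COMMIT' "$rules" || true)
    if [ "$n_tables" -eq 0 ] || [ "$n_tables" -ne "$n_commits" ]; then
        echo "$0: $rules: $n_tables table(s) but $n_commits COMMIT(s)" 1>&2
        return 1
    fi
    return 0
}

# Load the rules first, then turn forwarding on, so there is no window
# in which packets are forwarded with no filter policy loaded.
load_rules() {
    check_rules_file "$RULES_FILE" || return 1
    iptables-restore < "$RULES_FILE" || return 1
    echo 1 > "$FORWARD_BIT"
}

case "${1:-}" in
    start) load_rules ;;
esac
```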
