Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
smartlight2012-09-03 12:57:03
linux
smartlight, 2012-09-03 12:57:03

What needs to be done so that ipset would save the sets after rebooting the server?

Good afternoon habralyudi.
I have a hatzner server

uname -r
2.6.32-5-amd64

cat /etc/debian_version
6.0.5

iptables --version
iptables v1.4.8

ipset --version
ipset v4.2, protocol version 4.
Kernel module protocol version 4.

The problem is that after rebooting ipset does not "recognize" the created set's.
What am I doing wrong?
Thanks in advance.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
X
xbox, 2014-11-27
@xbox

A simple and working solution by developing the "Max_rip" tip.
"Max_rip" gave great advice "/etc/init.d/iptables-persistent, Will add ipset save / ipset restore there". Only due to the fact that the soft sign is missing in the word "add" does not make sense on the first reading and it seems that /etc/init.d/iptables-persistent should do everything automatically. I tried - it doesn't work automatically. iptables-persistent preserves iptables settings, but does not preserve ipset sets without a file.
for me: First, the iptables-persistent package must be installed. Install on Debian like
this. This package will allow us to save the IPTABLES rules with a command from the console. After a reboot, the iptables rules will no longer be reset.
Next, edit the startup script /etc/init.d/iptables-persistent
Find the save_rules() section and add a line to it first.
This will save the IPSET sets each time you save the iptables rules using iptables-persistent.
After that we find the load_rules() section and add a line at the beginning
This will load the IPSETs each time the iptables rules are loaded with iptables-persistent.
This option is the most convenient in my opinion. One command from the console saves both iptables rules and Ipset sets. After a reboot, the rules will be saved.
Good luck.

Report
A
Alukardd, 2012-09-03
@Alukardd

So iptables does not save the rules)
You need to do this manually or automate the process.

Report
M
max_rip, 2012-09-03
@max_rip

/etc/init.d/iptables-persistent
Will add ipset save / ipset restore there

Report
S
smartlight, 2012-09-03
@smartlight

I confess. Itself could guess that set's ipset works also as well as tables/rules d iptables.
Finally did this:

touch /etc/default/ipsetrules

vi /etc/default/ipsetrules
# Generated by ipset 4.2 on Mon Sep  3 14:12:06 2012
-N blacklist iphash --hashsize 1024 --probes 8 --resize 50
-A blacklist 62.76.191.99
COMMIT
# Completed on Mon Sep  3 14:12:06 2012

put the following in the iptables start section:
   ipset -X
   ipset --restore  </etc/default/ipsetrules

adding ip is done by editing /etc/default/ipsetrules

Report
@
@censured, 2015-01-25
_

1) save the rules ipset -S > /etc/ipset/ipset-save
2) add nano /etc/rc.local to the end (before exit 0)
cat /etc/ipset/ipset-save | /usr/sbin/ipset -R

Similar questions
M
medianoche2015-07-04 03:34:27
How to record tutoring? 8Reply
D
Dima2016-05-29 00:27:25
Why is the variable set inside the loop set to zero (bash script)? 3Reply
C
ClearIce2021-12-28 17:41:43
Why can't gnome software open? 0Reply
2
2KloN_Gessman2016-05-30 09:56:41
What should a true linux admin know? 5Reply
S
Sergey2018-10-28 12:27:28
How to give white IP, linux on VirtualBox? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question