Iptables adding rules to itself automagically on Fedora 29

asked 2019-02-09 14:59:34 -0600

monsterDE gravatar image

updated 2019-02-10 05:06:14 -0600

hhlp gravatar image

Hi everyone, I have a tricky problem here in Fedora 29. I uninstalled Firewalld for education purposes and I have only iptables. I'm configuring it directly without any Frontend.

I have it all configured but when I restart my PC I'm seeing that other rules have been added to IPtables and I don't know what's the source of those rules updates, more specifically it is adding rules for port 53 (DNS) and 67 (DHCP server) in every restart, plus some rules in FORWARD chain and it also adds rules for port 68 (DHCP client).

Plus other rules in nat table and mangle table, here is the capture of the filter table:

[root@edier88 edier88]# iptables -t filter -nL --line-numbers
Chain INPUT (policy DROP)
num  target     prot opt source               destination         
1    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
3    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:67
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:67
5    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
6    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
7    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:67
8    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:67
9    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
10   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
11   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:67
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:67
13   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
14   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
15   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:67
16   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:67
17   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
18   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
19   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:67
20   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:67
21   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
22   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
23   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt ...
(more)
edit retag flag offensive close merge delete

Comments

How exactly did you configure iptables ans how are you starting it? My guess is you wrote some sort of script , so post your scripts

Panther gravatar imagePanther ( 2019-02-10 09:34:15 -0600 )edit

check /etc/sysconfig/iptables if the rules you did not write are there. If yo, it's the default ;)

And you learned where to store the rules:

iptables-save > /etc/sysconfig/iptables

rdtcustomercare gravatar imagerdtcustomercare ( 2019-02-10 15:12:30 -0600 )edit

It is sudo service iptables save see https://docs.fedoraproject.org/en-US/...

Panther gravatar imagePanther ( 2019-02-10 15:19:54 -0600 )edit
add a comment