iptables-restore command in Linux with examples

iptables-restore and ip6tables-restore commands are used to restore IP and IPv6 Tables from data being specified on the STDIN or in the file. Use I/O redirection provided by default from your shell to read from a file or specify the file as an argument.

Syntax:

iptables-restore [-chntv] [-M modprobe] [-T name] [file]

ip6tables-restore [-chntv] [-M modprobe] [-T name] [file]

Options:

• -c, –counters : This option restores the values of all packet and byte counters.
• -h, –help : This option prints a short option summary.
• -n, –noflush : This option doesn’t flush the previous contents of the table. If it is not specified, both the commands flush (delete) all previous contents of the respective table.
• -t, –test : This option only parses and construct the ruleset, but do not commit it.
• -v, –verbose : This option prints additional debug info during ruleset processing.
• -M, –modprobe modprobe_program : This option Specifies the path to the modprobe program. By default, the iptables-restore will going to inspect /proc/sys/kernel/modprobe to determine the executable’s path.
• -T, –table name : This option restores only the named table even if the input stream contains other ones.

Examples:

1) Create a new iptable which helps in restoring.

2) It will create a new file named iptableslist.txt. To see the contents of file run the following command on the terminal:

3) The content of the file is:

4) Now the last step is to restore from that file we just created. We can simply restore iptables using the following command.