Iptables blank after reboot

iptables, linux-networking, networking, redhat, rhel6

We've started encountering an issue with iptables on our RHEL 6.3 systems in that after a reboot, when the service starts, the rules are not loaded. We get the empty ruleset:

[msnyder@matt-test ~]$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination 

This is in spite of the fact that we have rules defined and the service is, indeed, running. That I know because when I run service iptables start it simply drops back to the prompt. If I run service iptables restart it actually stops and then restarts the service. And, of course, if I run service iptables stop it indicates that iptables is actually stopping.

Knowing that I need to restart the service, I do so and the rules load up properly. They simply don't get loaded after a reboot. Unless they get loaded differently during a reboot I don't see how our rules would be wrong. If they were, they wouldn't even load during a service restart.

Has anyone else ever encountered this?

EDIT: The rules are already saved in /etc/sysconfig/iptables. They are not added on the fly from the command line so service iptables save is unnecessary.

Best Answer

First, iptables should be enabled on startup with chkconfig on. But I guess this is already the case since you get an empty table.

A reason for iptables not loading during boot time could be that you have rules in your configuration using hostnames; if so, replace them with IPs and try again. If you absolutely need hostnames in your iptables configuration, be sure to enable (and commit) DNS queries from your host first, but I am not sure if this will work in any situation.
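Added example, not part of the original answer: a Python check that scans a rules file in iptables-save format (the format of /etc/sysconfig/iptables) for source or destination arguments that are hostnames instead of IP literals, which is the condition the answer suggests looking for. The function names and the sample ruleset are constructed for illustration.

```python
import ipaddress
import shlex

# Options whose argument is an address, a network, or (the boot-time risk) a hostname.
ADDR_OPTS = {"-s", "--source", "--src", "-d", "--destination", "--dst"}

def is_literal(value):
    """True if value is an IP address or network (CIDR or dotted netmask)."""
    try:
        ipaddress.ip_network(value, strict=False)
        return True
    except ValueError:
        return False

def find_hostnames(rules_text):
    """Return (line_number, option, value) for every non-literal address."""
    findings = []
    for lineno, line in enumerate(rules_text.splitlines(), 1):
        line = line.strip()
        # Skip comments, table headers (*filter), chain policies (:INPUT ...), COMMIT.
        if not line or line[0] in "#*:" or line == "COMMIT":
            continue
        tokens = shlex.split(line)  # keeps quoted --comment text as one token
        for i, tok in enumerate(tokens[:-1]):
            if tok not in ADDR_OPTS:
                continue
            arg = tokens[i + 1]
            if arg == "!" and i + 2 < len(tokens):   # old-style "-s ! addr"
                arg = tokens[i + 2]
            for value in arg.split(","):             # iptables accepts comma lists
                if not is_literal(value):
                    findings.append((lineno, tok, value))
    return findings

# Constructed sample in iptables-save format; names and addresses are made up.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p tcp --dport 22 -j ACCEPT
-A INPUT -s monitor.example.com -p tcp --dport 5666 -j ACCEPT
-A INPUT -s 198.51.100.7,backup.example.com -p tcp --dport 873 -j ACCEPT
-A INPUT -d 203.0.113.5/255.255.255.255 -m comment --comment "from -s vpn host" -j ACCEPT
COMMIT
"""

if __name__ == "__main__":
    for lineno, opt, value in find_hostnames(SAMPLE):
        print(f"line {lineno}: {opt} {value} is a hostname, not an IP literal")
```

To check a real system, pass the contents of /etc/sysconfig/iptables to find_hostnames() instead of SAMPLE; an empty result means no rule depends on name resolution.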