2

I'm renting a VPS with Debian 8 on it. I'm trying to set up my iptables, following this blog:

http://bencane.com/2012/09/iptables-linux-firewall-rules-for-a-basic-web-server/

The problem is that my setup doesn't seem to be correct.

I first update my server with `apt-get update`. Then I add the rules to iptables and install iptables-persistent, but when I try to run the command `iptables-persistent save` I get "is a directory" rather than the saving process... When I install iptables-persistent, this saves the ipv4 ipv6 settings, and using `cat /etc/iptables/rules.v4` I see my rules.

There is a last step: typing in the command `ls -la /etc/rc2.d/ | grep iptables` should show something, but mine does not.

In my /etc/init.d/ directory I'm supposed to have iptables-persistent, but it's actually in /usr/share/doc/, so I moved it to /etc/init.d/. But this does not seem to solve the problem, as trying the command `/etc/init.d/iptables save` does not work: I get "is a directory". I think it is supposed to be a script file.

I'm not really sure what is going on.

The contents of iptables-persistent is a .gz changelog file, so that's probably why the command doesn't work, right?

  • If you're sure it's a binary file (or shell script), why not change the file type via chmod (`sudo chmod (-rwxr-xr-x|0755) /etc/init.d/iptables`)? And if it isn't an executable, have you checked inside the directory? – Krii Nov 11 '15 at 12:32
  • @Krii As the error messages say, it's not a file but a directory. – Dubu Nov 11 '15 at 12:57

1 Answer

5

The documentation you have linked is outdated. The binary package you need is now named netfilter-persistent. But don't worry, you have it already installed because iptables-persistent is now a plugin to netfilter-persistent, which was installed with it. So everything was okay and you should really move the documentation directory back to where it belongs.

Concerning the usage: Just replace all calls to iptables-persistent with netfilter-persistent and it should work as advertised.

(But you probably should set `chmod go-rwx /etc/iptables` to make the directory containing the rules not readable for anyone except root.)

Dubu
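
The two conditions from this thread (a documentation directory sitting where an init script is expected, and a rules directory that non-root users can reach) can be checked with a short script. This is an added example, not part of the original answer; the function names `check_persistent_setup` and `lock_rules_dir` are hypothetical, and it assumes GNU `stat` as shipped on Debian.

```shell
#!/bin/sh
# Added example, not from the original answer. Assumes GNU stat (Debian).
# The directories are parameters so the check can be tried on a scratch copy.

# Report the problems discussed in this thread; returns 0 when none are found.
check_persistent_setup() {
    initd=$1    # normally /etc/init.d
    rules=$2    # normally /etc/iptables
    problems=0

    # A directory here is the moved /usr/share/doc entry, not an init script,
    # which is why running it fails with "is a directory".
    if [ -d "$initd/iptables-persistent" ]; then
        echo "$initd/iptables-persistent is a directory: move it back to /usr/share/doc"
        problems=$((problems + 1))
    fi

    if [ ! -e "$rules/rules.v4" ]; then
        echo "$rules/rules.v4 missing: run 'netfilter-persistent save' as root"
        problems=$((problems + 1))
    fi

    # Any group/other permission bit on the directory exposes the rule files.
    if [ -d "$rules" ]; then
        mode=$(stat -c '%a' "$rules")
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "$rules grants group/other access (mode $mode)"
            problems=$((problems + 1))
        fi
    fi

    [ "$problems" -eq 0 ]
}

# The answer's fix: remove all group and other permissions from the directory.
lock_rules_dir() {
    chmod go-rwx "$1"
}

# Run against the real paths only when asked to: sh check.sh --check
if [ "${1:-}" = "--check" ]; then
    check_persistent_setup /etc/init.d /etc/iptables
fi
```
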