Running iptables commands on boot (on locked down, IoT device)

Question

I am using a cell modem / router that is running a vendor custom distribution of Linux kernel 3.12.70.

I'd like to add custom iptables rules, but they keep being deleted on reboot.

I've tried https://help.ubuntu.com/community/IptablesHowTo#Saving_iptables solution 2, but that doesn't work.

As a side note, when I run cat on the iptables-restore and ipstables-save I get gibberish, so maybe they are binaries or encryption protected.

However, if I run individual iptables commands via SSH, they stay and work until reboot.

I'm trying to figure out a way to automate running individual iptables rules via CLI on reboot.

I've added a #!/bin/sh -e with the lines I want added, put it in the init.d directory, made it executable, ran update-rc.d, and copied it into the rc5.d directory via ln -s.

Answer 1

1. sudo -s ( this is to login as root )
2. mount -o remount,rw / ( This will mount the entire file system in read write mode )
3. create a script in /etc/init.d/ ( in my case I have created the script install_firewall.sh )
4. "update-rc.d start 99 5 ." (use the update-rc.d command to add the script to your desired run level , In my case the "update-rc.d install_firewall.sh start 99 5 ." command puts install_firewall.sh to run level 5 with a priority of 99 meaning it will be the last script to run after reboot. )
5. In my script I have added a delay of 35s to make sure all firewall rules from the code are applied and then we start to manipulate it via the script.

'#!/bin/bash'

sleep 35
iptables [...]//Add custom iptables rules here
exit 0