Centos 7 save iptables settings (port forwarding)

by soupe   Last Updated May 22, 2020 23:00 PM

I have KVM installed on Centos with one VM

Host ip:, Guest ip:, LAN:

here is all what i did:

i have disabled firewalld and installed iptables-services

systemctl disable firewalld 
yum install iptables-services 
systemctl enable iptables.service

here is my rules

iptables -t nat -A PREROUTING -p tcp -s -d --dport 8000 -j DNAT --to-destination
iptables -t nat -A POSTROUTING -p tcp --dport 8888 -d -j SNAT --to
iptables -I FORWARD -m state -d --state NEW,RELATED,ESTABLISHED -j ACCEPT

And finally save my iptable rules (with a superuser)

/usr/libexec/iptables/iptables.init save

(also tried "service iptables save")

In /etc/sysconfig/iptables-config


For now everythings works well and i can get access to my python server (hosted in the VM on Port 8888) via But after a restart iptables still enabled but this rule

iptables -I FORWARD -m state -d --state NEW,RELATED,ESTABLISHED -j ACCEPT

does not work anymore.I have to add it again to acces to my python server.

Is there another way to do this port fowarding (maybe with FirewallD) or am i missing something ?

Answers 1

As I was facing a similar issue a month ago, my workaround was to load my iptable rules from : etc/network/interfaces with the restore command :

iptables-restore < /etc/iptables.rules

Every time I reboot my iptables keep all updates included in iptables.rules.

Alexandre Roux
Alexandre Roux
December 12, 2016 14:34 PM

Related Questions

Firewalld Centos 7 NAT Host and VMs

Updated June 26, 2017 16:00 PM

Port forwarding with firewall-cmd

Updated October 01, 2018 14:00 PM