
Tutorial: Managing iptables Settings in Access Server

Abstract

Manage the iptables settings for Access Server. These are advanced options for changing the rule-prepending behavior, restoring default settings, and disabling specific iptables management activities.

Overview

This tutorial guides you through managing the iptables settings in Access Server. You'll learn to change the rule-prepending behavior, restore default settings, and disable specific iptables management activities if necessary.

Prerequisites

  • An installed Access Server.

  • Console access with root privileges.

  • Basic knowledge of iptables and Linux command line.

  1. Connect to the console with root privileges.

  2. In the scripts directory, run the desired commands below:

    • Change rule-prepending behavior to make Access Server append rules after existing ones (instead of prepending):

      ./sacli --key "iptables.append" --value "True" ConfigPut
      ./sacli start
    • Restore the default behavior of prepending rules:

      ./sacli --key "iptables.append" ConfigDel
      ./sacli start
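
To confirm which ordering is in effect after changing iptables.append, this added example (not part of the Access Server documentation) reads iptables-save output and reports whether jumps into Access Server chains sit before or after your own rules in a chain. It assumes Access Server's chains are prefixed AS0_, which this page does not state; the function names and sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumption: Access Server chains are prefixed "AS0_"
# (override with AS_PREFIX). The sample rulesets below are constructed.

# Usage: iptables-save | as_rule_position TABLE CHAIN
# Prints one of: prepended | appended | mixed | only | absent
as_rule_position() {
    awk -v table="$1" -v chain="$2" -v prefix="${AS_PREFIX:-AS0_}" '
        /^\*/ { current = substr($0, 2); next }   # "*filter" opens a table section
        current == table && $1 == "-A" && $2 == chain {
            n++; is_as = 0
            for (i = 3; i < NF; i++)               # jump/goto into an AS chain?
                if (($i == "-j" || $i == "-g") && index($(i + 1), prefix) == 1) is_as = 1
            if (is_as) { if (!first_as) first_as = n; last_as = n }
            else       { if (!first_other) first_other = n; last_other = n }
        }
        END {
            if (!first_as)                  print "absent"
            else if (!first_other)          print "only"
            else if (last_as < first_other) print "prepended"
            else if (first_as > last_other) print "appended"
            else                            print "mixed"
        }'
}

sample_prepended() {   # constructed: default behavior, AS rule ahead of local rules
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT
EOF
}

sample_appended() {    # constructed: iptables.append=True, AS rule after a final DROP
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
COMMIT
EOF
}

echo "prepended sample: $(sample_prepended | as_rule_position filter INPUT)"
echo "appended sample:  $(sample_appended | as_rule_position filter INPUT)"
```

iptables evaluates a chain from top to bottom, so an "appended" result behind a terminal DROP or REJECT rule, as in the second sample, means the Access Server rule is never reached.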

Important

We don't recommend turning off Access Server's iptables management unless you have the required knowledge to manage iptables manually.

Access Server manages three distinct iptables items: the filter, NAT, and mangle tables.

  • While connected to the console, in the scripts directory, run the desired commands:

    • Turn off iptables filter management:

      ./sacli --key "iptables.vpn.disable.filter" --value "True" ConfigPut
      ./sacli start
    • Restore the default filter management:

      ./sacli --key "iptables.vpn.disable.filter" ConfigDel
      ./sacli start
    • Turn off iptables NAT management:

      ./sacli --key "iptables.vpn.disable.nat" --value "True" ConfigPut
      ./sacli start
    • Restore the default NAT management:

      ./sacli --key "iptables.vpn.disable.nat" ConfigDel
      ./sacli start
    • Turn off iptables mangle management:

      ./sacli --key "iptables.vpn.disable.mangle" --value "True" ConfigPut
      ./sacli start
    • Restore the default mangle management:

      ./sacli --key "iptables.vpn.disable.mangle" ConfigDel
      ./sacli start