Tutorial: Managing iptables Settings in Access Server
Manage iptables settings for Access Server, an advanced option that allows you to change the rule-prepending behavior, restore default settings, and disable specific iptables management activities.
Overview
This tutorial guides you through managing the iptables settings in Access Server. You'll learn to change the rule-prepending behavior, restore default settings, and disable specific iptables management activities if necessary.
An installed Access Server.
Console access and the ability to get root access.
Basic knowledge of iptables and Linux command line.
Connect to the console and get root privileges.
Use the desired commands below:
Change rule-prepending behavior to make Access Server append rules after existing ones (instead of prepending):
sacli --key "iptables.append" --value "True" ConfigPut sacli start
Restore the default behavior of prepending rules:
sacli --key "iptables.append" ConfigDel sacli start
Important
We don't recommend turning off Access Server's iptables management unless you have the required knowledge to manage iptables manually.
Access Server manages three distinct iptables items: filter, NAT, and mangle.
Connected to the console in the scripts directory, run the desired commands:
Turn off iptables filter management:
sacli --key "iptables.vpn.disable.filter" --value "True" ConfigPut sacli start
Restore the default filter management:
sacli --key "iptables.vpn.disable.filter" ConfigDel sacli start
Turn off iptables NAT management:
sacli --key "iptables.vpn.disable.nat" --value "True" ConfigPut sacli start
Restore the default NAT management:
sacli --key "iptables.vpn.disable.nat" ConfigDel sacli start
Turn off iptables mangle management:
sacli --key "iptables.vpn.disable.mangle" --value "True" ConfigPut sacli start
Restore the default mangle management:
sacli --key "iptables.vpn.disable.mangle" ConfigDel sacli start