Ubuntu Serverだとiptablesが自動起動するようになっていない。
そこで/etc/init.d/配下にiptablesを（root所有・実行権限付きで）作成し以下を記述。
参考URL:http://ubuntuforums.org/archive/index.php/t-19106.html
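#!/bin/sh
#
# This is a ubuntu adapted iptables script from gentoo
# (http://www.gentoo.org) which was originally distributed
# under the terms of the GNU General Public License v2
# and was Copyrighted 1999-2004 by the Gentoo Foundation
#
# This adapted version was intended for an ad-hoc personal
# situation and as such no warranty is provided.
#
# Usage: /etc/init.d/iptables {start|stop|restart|save|status}
#   start   - restore the ruleset stored in IPTABLES_SAVE
#   stop    - optionally save, then flush every loaded table and set the
#             built-in chains of nat/mangle/filter to policy ACCEPT
#             (the host is unfiltered afterwards)
#   restart - flush every loaded table, then restore the saved ruleset
#   save    - dump the running ruleset to IPTABLES_SAVE
#   status  - list the filter table
# Exits non-zero when save/start/restart fails so the caller can notice
# that the firewall was not loaded.

# Kept from the Gentoo original; nothing below references it.
ENV="env -i LANG=C PATH=/usr/local/bin:/usr/bin:/bin"
IPTABLES_SAVE="/etc/default/iptables-rules"
SAVE_RESTORE_OPTIONS="-c"
SAVE_ON_STOP="yes"
TABLE_NAMES="/proc/net/ip_tables_names"

# Succeeds only when a saved ruleset file exists; otherwise tells the
# operator how to create one and returns 1.
checkrules() {
  if [ ! -f "${IPTABLES_SAVE}" ]; then
    echo "Not starting iptables. First create some rules then run"
    echo "\"/etc/init.d/iptables save\""
    return 1
  fi
}

# Dumps the running ruleset to IPTABLES_SAVE. Returns 1 and leaves the
# previous file untouched when the dump fails.
save() {
  echo "Saving iptables state"
  # Write to a temporary file next to the target and rename it into place
  # only on success. Redirecting straight into IPTABLES_SAVE truncates the
  # last good ruleset before iptables-save has produced anything, and a
  # later "start" would then restore an empty firewall.
  # mktemp creates the file with mode 0600, so the saved ruleset ends up
  # readable by its owner only.
  save_tmp=$(mktemp "${IPTABLES_SAVE}.XXXXXX") || return 1
  # Options are split into words on purpose.
  # shellcheck disable=SC2086
  if iptables-save ${SAVE_RESTORE_OPTIONS} > "${save_tmp}" &&
    mv -f -- "${save_tmp}" "${IPTABLES_SAVE}"; then
    return 0
  fi
  rm -f -- "${save_tmp}"
  echo "Saving iptables state failed; ${IPTABLES_SAVE} left unchanged" >&2
  return 1
}

# Restores the saved ruleset. Returns non-zero when no ruleset has been
# saved yet or when the restore command fails.
start() {
  checkrules || return 1
  echo "Loading iptables state and starting firewall"
  printf '%s' "Restoring iptables ruleset"
  # Options are split into words on purpose.
  # shellcheck disable=SC2086
  start-stop-daemon --start --quiet --exec /sbin/iptables-restore -- \
    ${SAVE_RESTORE_OPTIONS} < "${IPTABLES_SAVE}"
}

# Prints the names of the tables the kernel currently has loaded; prints
# nothing when the proc file is not readable.
loaded_tables() {
  [ -r "${TABLE_NAMES}" ] && cat "${TABLE_NAMES}"
}

# Flushes all rules in table $1 and deletes its user-defined chains.
flush_table() {
  iptables -F -t "$1"
  iptables -X -t "$1"
}

# Sets every built-in chain of table $1 (nat, mangle or filter) to policy
# ACCEPT; other tables are left alone.
accept_all() {
  case "$1" in
    nat) accept_chains="PREROUTING POSTROUTING OUTPUT" ;;
    mangle) accept_chains="PREROUTING INPUT FORWARD OUTPUT POSTROUTING" ;;
    filter) accept_chains="INPUT FORWARD OUTPUT" ;;
    *) accept_chains="" ;;
  esac
  for accept_chain in ${accept_chains}; do
    iptables -t "$1" -P "${accept_chain}" ACCEPT
  done
}

case "$1" in
  save)
    save || exit 1
    echo "."
    ;;
  start)
    start || exit 1
    echo "."
    ;;
  stop)
    if [ "${SAVE_ON_STOP}" = "yes" ]; then
      save || exit 1
    fi
    printf '%s' "Stopping firewall"
    for table in $(loaded_tables); do
      flush_table "${table}"
      accept_all "${table}"
    done
    # The original also ran "start-stop-daemon --stop" against
    # /var/run/iptables.pid. Nothing in this script creates that pid file
    # and iptables is not a long-running process, so that call is dropped.
    echo "."
    ;;
  restart)
    # Refuse to flush when there is nothing to restore; otherwise a
    # missing rules file would leave the tables empty.
    checkrules || exit 1
    printf '%s' "Flushing firewall"
    for table in $(loaded_tables); do
      flush_table "${table}"
    done
    if ! start; then
      echo "Restoring ${IPTABLES_SAVE} failed; tables are currently flushed" >&2
      exit 1
    fi
    echo "."
    ;;
  status)
    iptables -L
    ;;
  *)
    echo "Usage: /etc/init.d/iptables {start|stop|restart|save|status}" >&2
    exit 1
    ;;
esac

exit 0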
そして
# Registers /etc/init.d/iptables with sysv-rc: "start" at sequence 37 in
# runlevel S (boot) and "stop" at sequence 37 in runlevel 0 (halt).
# No stop link is created for runlevel 6 (reboot), so the script's
# SAVE_ON_STOP save does not run on reboot.
sudo update-rc.d iptables start 37 S . stop 37 0 .
として自動起動するようにする。