Introduction
When migrating from one server to another, it is often desirable to migrate the iptables firewall rules as part of the process. This tutorial will show you how to easily copy your active iptables rule set from one server to another.
Export Iptables Rules
Before we start migrating our iptables rules, let's check what they are currently set to:
iptables -S
It should look something like our example:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
Now we can export the current rules to a new file. For this we will use the iptables-save command:
iptables-save > iptables-export
This creates a new file named iptables-export, which we can use on a different server to load the same firewall rules.
Import Iptables Rules
First of all we need to move our newly created file iptables-export to our other server. This can be done in many ways, for example by transferring it with an FTP client such as FileZilla, or simply by using scp:
scp iptables-export user@server_ip_address:/tmp
Here user is a user account on your other server (you can use 'root' as well), server_ip_address is the IP address of the destination server, and /tmp is the directory into which the file will be transferred.
Now that the file is on our other server, we can load the rules from it into iptables. For this we will use the iptables-restore command:
iptables-restore < /tmp/iptables-export
This will load the rules into iptables. You can verify this with the command:
iptables -S
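Restoring a rule set on a remote machine is the one step in this procedure that can lock you out: if the exported INPUT policy is DROP and the rule accepting your SSH port did not make it into the file, the connection you are working over dies the moment iptables-restore commits. Interface names (eth0, ens3, ...) also frequently differ between hosts. The following shell function is an added example, not part of the original tutorial, that sanity-checks an iptables-save export before you feed it to iptables-restore. The two sample export files it creates are constructed for the demonstration (the first mirrors the rules shown above in iptables-save format), not captured from a real host.

```shell
#!/bin/sh
# Added example (not from the original tutorial): sanity-check an iptables-save
# export before running "iptables-restore < FILE" on the destination server.
# Returns 0 when the file looks safe to restore, 1 otherwise.
check_export() {
    file="$1"
    rc=0

    # iptables-restore needs a table header and a terminating COMMIT line
    grep -q '^\*filter' "$file" || { echo "missing *filter table header"; rc=1; }
    grep -q '^COMMIT' "$file"   || { echo "missing COMMIT line"; rc=1; }

    # If the INPUT chain drops by default, insist on an explicit accept for SSH
    if grep -q '^:INPUT DROP' "$file"; then
        grep -Eq -- '-A INPUT .*--dport 22 .*-j ACCEPT' "$file" \
            || { echo "INPUT policy is DROP but no rule accepts port 22 (lockout risk)"; rc=1; }
    fi

    # Interface names rarely match across hosts; warn but do not fail
    if grep -Eq -- '(-i|-o) [a-z0-9]+' "$file"; then
        echo "note: rules reference interface names, verify they exist on the destination"
    fi
    return $rc
}

# Constructed sample export matching the tutorial's rules (iptables-save format)
GOOD_EXPORT=$(mktemp)
cat > "$GOOD_EXPORT" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF

# Constructed sample export that would lock an SSH session out: default DROP,
# only HTTP allowed, and the rule is bound to an interface name
BAD_EXPORT=$(mktemp)
cat > "$BAD_EXPORT" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF

check_export "$GOOD_EXPORT" && echo "ok to restore: $GOOD_EXPORT"
check_export "$BAD_EXPORT"  || echo "refusing to restore: $BAD_EXPORT"
```

Run the check against /tmp/iptables-export on the destination before iptables-restore; the SSH-port check assumes the default port 22, so adjust the pattern if your server listens elsewhere.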
Save Rules
The easiest way to make iptables rules persist across a server reboot is to use iptables-persistent:
apt-get install iptables-persistent
In the future, after updating your firewall rules, do not forget to run this command:
invoke-rc.d iptables-persistent save
Conclusion
That's it! Your firewall rules have been migrated from one of your servers to another.