centos7重启iptables时失败，通过systemctl status iptables.service查看错误信息，内容如下所示：

# *systemctl status iptables.service

— iptables.service - IPv4 firewall with iptables

  Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)

  Active: failed (Result: exit-code) since Wed 2018-01-10 05:11:42 EST; 4s ago

  Process: 3994 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=0/SUCCESS)

  Process: 5236 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=1/FAILURE)

Main PID: 5236 (code=exited, status=1/FAILURE)

Jan 10 05:11:42 master.example.com systemd[1]: Starting IPv4 firewall with i....

Jan 10 05:11:42 master.example.com iptables.init[5236]: iptables: Applying fi...

Jan 10 05:11:42 master.example.com iptables.init[5236]: Error occurred at lin...

Jan 10 05:11:42 master.example.com iptables.init[5236]: Try `iptables-restore...

Jan 10 05:11:42 master.example.com iptables.init[5236]: [FAILED]

Jan 10 05:11:42 master.example.com systemd[1]: iptables.service: main proces...E

Jan 10 05:11:42 master.example.com systemd[1]: Failed to start IPv4 firewall....

Jan 10 05:11:42 master.example.com systemd[1]: Unit iptables.service entered....

Jan 10 05:11:42 master.example.com systemd[1]: iptables.service failed.

Hint: Some lines were ellipsized, use -l to show in full.

上面的错误是在启动ipv4 firewall时失败，可尝试关闭firewalld服务在重启iptables：

# service iptables save

#  systemctl stop firewalld  -- 关闭firewalld服务

#  systemctl disable  firewalld  --设置开机禁用firewalld

#  systemctl start iptables   -- 启动iptables

#  systemctl status iptables --确认iptables状态

#  systemctl enable iptables  -- 设置iptables开机启动

#  systemctl status firewalld  --确认firewalld服务

除了使用上述的方法以外，启动失败的原因也可能是iptables的规则配置错误。
可以check下/etc/sysconfig/iptables文件。