Linux: Load iptables/firewall rules at startup


when you set up firewall rules by iptables these rule are not persistent. This means they are volatile and will be deleted at reboot time.

To make the rules persistent an additional packages is required.

On Debian/Ubuntu Linux the package is iptables-persistent.

If installed it loads at boot time the firewall rules from /etc/iptables/rules.v4 and /etc/iptables/rules.v6.

To generate those files, set your rules and save it with the helper scripts iptables-save and ip6tables-save.

IPv4 rules

root@debdev ~ # iptables-save > /etc/iptables/rules.v4

IPv6 rules

root@debdev ~ # ip6tables-save > /etc/iptables/rules.v6

Enable daemon

root@debdev ~ #  systemctl enable netfilter-persistent.service

iptables-persistent simply calls

iptables-restore < /etc/iptables/rules.v4

at boot time.


Advertisment to support

One thought on “Linux: Load iptables/firewall rules at startup”

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.