Linux: Load iptables/firewall rules at startup

Hi,

when you set up firewall rules by iptables these rule are not persistent. This means they are volatile and will be deleted at reboot time.

To make the rules persistent an additional packages is required.

On Debian/Ubuntu Linux the package is iptables-persistent.

If installed it loads at boot time the firewall rules from /etc/iptables/rules.v4 and /etc/iptables/rules.v6.

To generate those files, set your rules and save it with the helper scripts iptables-save and ip6tables-save.

IPv4 rules

root@debdev ~ # iptables-save > /etc/iptables/rules.v4

IPv6 rules

root@debdev ~ # ip6tables-save > /etc/iptables/rules.v6

Enable daemon

root@debdev ~ #  systemctl enable netfilter-persistent.service

iptables-persistent simply calls

iptables-restore < /etc/iptables/rules.v4

at boot time.

Michael

One thought on “Linux: Load iptables/firewall rules at startup”

Leave a Reply