Hi,
when you set up firewall rules with iptables, these rules are not persistent. This means they are volatile and will be deleted at reboot time.
To make the rules persistent, an additional package is required.
On Debian/Ubuntu Linux the package is iptables-persistent.
If installed, it loads the firewall rules from /etc/iptables/rules.v4 and /etc/iptables/rules.v6 at boot time.
To generate those files, set your rules and save them with the helper scripts iptables-save and ip6tables-save.
IPv4 rules
root@debdev ~ # iptables-save > /etc/iptables/rules.v4
IPv6 rules
root@debdev ~ # ip6tables-save > /etc/iptables/rules.v6
Enable daemon
root@debdev ~ # systemctl enable netfilter-persistent.service
iptables-persistent simply calls
iptables-restore < /etc/iptables/rules.v4
at boot time.
Michael
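Because only the saved file survives a reboot, it is worth checking that the running rules and /etc/iptables/rules.v4 still match. The following is an added example, not part of the original post; the function names normalize_rules, rules_in_sync and check_persisted are hypothetical, and the comparison ignores the timestamps and packet counters that iptables-save writes.

```shell
#!/bin/sh
# Added example: detect running iptables rules that were never saved.
# Function names are hypothetical; only iptables-save and the
# /etc/iptables/rules.v4 path come from the post.

# Strip everything in an iptables-save dump that changes without the rules
# changing: "# Generated by ..." comments, blank lines, chain policy counters
# (":INPUT ACCEPT [12:840]") and per-rule counters written by "iptables-save -c".
normalize_rules() {
    sed -E \
        -e '/^#/d' \
        -e '/^[[:space:]]*$/d' \
        -e 's/^(:[^ ]+ [^ ]+) \[[0-9]+:[0-9]+\]$/\1/' \
        -e 's/^\[[0-9]+:[0-9]+\] //'
}

# rules_in_sync LIVE_DUMP SAVED_FILE
# Returns 0 if both dumps hold the same rules in the same order,
# 1 if they differ, 2 if a file cannot be read.
rules_in_sync() {
    live=$(normalize_rules < "$1") || return 2
    saved=$(normalize_rules < "$2") || return 2
    [ "$live" = "$saved" ]
}

# check_persisted [SAVED_FILE]
# Dumps the running IPv4 ruleset (needs root) and compares it with the file
# that is restored at boot.
check_persisted() {
    saved_file=${1:-/etc/iptables/rules.v4}
    dump=$(mktemp) || return 2
    if ! iptables-save > "$dump"; then
        rm -f "$dump"
        return 2
    fi
    rules_in_sync "$dump" "$saved_file"
    rc=$?
    rm -f "$dump"
    return $rc
}
```

Run check_persisted as root after changing rules; a return value of 1 means the running ruleset differs from what will be restored at the next boot.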
Very good explanation, thank you