In this article, I will describe several options for saving IPTables rules so that they load when the operating system starts.
The best option is to install iptables-persistent, for example in Ubuntu you can do this like this:
apt install iptables-persistent
Make sure that the service starts when the system starts:
systemctl is-enabled netfilter-persistent.service systemctl enable netfilter-persistent.service
Then we just add the rules to the system and save them to files that will load when the operating system starts, for example, in Ubuntu 18 like this:
iptables-save > /etc/iptables/rules.v4 ip6tables-save > /etc/iptables/rules.v6
In Ubuntu 16, like this:
service iptables-persistent save
The second option is to add the IPTables rules to the /etc/rc.local file and they will be executed when the operating system starts.
The third option is to create a script (Ctrl+X to exit the editor nano, y/n and Enter to save or discard changes):
nano -w /etc/network/if-up.d/00-iptables chmod 744 /etc/network/if-up.d/00-iptables
Save current IPTables rules to files:
mkdir /etc/iptables/ iptables-save > /etc/iptables/rules.v4 ip6tables-save > /etc/iptables/rules.v6
And add to the script:
#!/bin/sh iptables-restore < /etc/iptables/rules.v4 ip6tables-restore < /etc/iptables/rules.v6