How to save IPTables rules

In this article, I will describe several options for saving IPTables rules so that they load when the operating system starts.

The best option is to install iptables-persistent. On Ubuntu, for example:

apt install iptables-persistent

Check whether the service is enabled at boot, and enable it if it is not:

systemctl is-enabled netfilter-persistent.service
systemctl enable netfilter-persistent.service

Then add the rules to the running system and save them to the files that are loaded when the operating system starts. In Ubuntu 18:

iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6

In Ubuntu 16:

service iptables-persistent save

The second option is to add the IPTables rules to the /etc/rc.local file, so that they are executed when the operating system starts.

The third option is to create a script and make it executable (in the nano editor, press Ctrl+X to exit, then y or n and Enter to save or discard the changes):

nano -w /etc/network/if-up.d/00-iptables
chmod 744 /etc/network/if-up.d/00-iptables

Save the current IPTables rules to files:

mkdir -p /etc/iptables/
iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6

Then add the following to the script:

#!/bin/sh
iptables-restore < /etc/iptables/rules.v4
ip6tables-restore < /etc/iptables/rules.v6
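
A more defensive way to run the save commands shown above (in the iptables-persistent option and in the third option), as an added example that is not part of the original article: a plain `iptables-save > file` truncates the rules file before the command runs, so a failed save leaves an empty ruleset for the next boot. The function name save_ruleset and the "apply" argument are hypothetical; --test is the iptables-restore option that parses a ruleset without committing it.

```shell
#!/bin/sh
# Added example (not from the original article).
# save_ruleset SAVE_CMD RESTORE_CMD DEST   (hypothetical helper name)
#   SAVE_CMD     prints the ruleset, e.g. iptables-save or ip6tables-save
#   RESTORE_CMD  parses a ruleset, e.g. iptables-restore or ip6tables-restore
#   DEST         rules file, e.g. /etc/iptables/rules.v4
# Returns 0 on success; on any failure DEST keeps its previous content.
save_ruleset() {
    save_cmd=$1 restore_cmd=$2 dest=$3
    dir=$(dirname "$dest")
    mkdir -p "$dir" || return 1
    # Temp file in the same directory, so the final mv is a rename on one
    # filesystem and the boot-time loader never sees a half-written file.
    tmp=$(mktemp "$dir/.rules.XXXXXX") || return 1

    # Dump to the temp file first: "cmd > DEST" would empty DEST even if
    # cmd fails (missing binary, not root, kernel module not loaded).
    if ! "$save_cmd" > "$tmp"; then
        rm -f "$tmp"
        echo "save failed, $dest left unchanged" >&2
        return 2
    fi
    # An empty dump would restore to "no rules at all" on the next boot.
    if [ ! -s "$tmp" ]; then
        rm -f "$tmp"
        echo "empty ruleset, $dest left unchanged" >&2
        return 3
    fi
    # --test parses and constructs the ruleset without committing it,
    # so the live firewall is not touched by this check.
    if ! "$restore_cmd" --test < "$tmp"; then
        rm -f "$tmp"
        echo "ruleset does not parse, $dest left unchanged" >&2
        return 4
    fi
    mv -f "$tmp" "$dest"
}

# Usage (as root): sh save-rules.sh apply
if [ "${1:-}" = "apply" ]; then
    save_ruleset iptables-save iptables-restore /etc/iptables/rules.v4 &&
    save_ruleset ip6tables-save ip6tables-restore /etc/iptables/rules.v6
fi
```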

See also my articles:
How to configure IPTables
IPTables quick setup script
Solution: No /etc/rc.local file on Ubuntu 18
