Problem

iptables is the firewall shipped by default in many Linux distributions. However, by default, iptables rules are not persistent; that is, rules will not survive reboots etc.

Solution

Below is one method for saving, restoring, and persisting iptables rules on several popular Linux distributions.

Making iptables rules persistent

Amazon-Linux:

sudo chkconfig iptables on
sudo service iptables save

Debian/Ubuntu:

Install the iptables-persistent and netfilter-persistent packages:

sudo apt-get install iptables-persistent
sudo apt-get install netfilter-persistent

To save the current iptables rules to /etc/iptables/rules.v4 and /etc/iptables/rules.v6, run the following:

sudo su
iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6
exit

Any iptables rules saved in the files below will be persistent (across reboots etc.):

/etc/iptables/rules.v4
/etc/iptables/rules.v6 # for ip6 rules

You can reload the rules from these files into iptables with:

sudo iptables-restore < /etc/iptables/rules.v4
sudo ip6tables-restore < /etc/iptables/rules.v6

The netfilter-persistent package provides the actual init.d service, which reloads the last saved iptables configuration. So, once the rules are saved (see above), start and enable the service:

sudo systemctl start netfilter-persistent
sudo systemctl enable netfilter-persistent
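
A drift check to go with the save and restore steps above, as an added example (not part of the original article): it compares the saved rules file with a live iptables-save dump, ignoring timestamps and packet counters, so rules that exist only in memory or only on disk stand out. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: spot drift between the saved rules file and the live ruleset.
# Real use (as root):  iptables-save > /tmp/live.v4
#                      rules_drift /etc/iptables/rules.v4 /tmp/live.v4
# Assumption: both dumps list tables and chains in the same order.

# Drop what changes without any rule changing: "# Generated/Completed"
# comment lines, blank lines, and [packets:bytes] counters.
normalize_rules() {
    sed -e '/^#/d' -e '/^[[:space:]]*$/d' \
        -e 's/\[[0-9]*:[0-9]*\]/[0:0]/g'
}

# rules_drift SAVED LIVE
# Prints a unified diff ("-" = only in SAVED, "+" = only in LIVE).
# Returns 0 when the rulesets match, 1 when they differ.
rules_drift() {
    saved_norm=$(mktemp)
    live_norm=$(mktemp)
    normalize_rules < "$1" > "$saved_norm"
    normalize_rules < "$2" > "$live_norm"
    rc=0
    diff -u "$saved_norm" "$live_norm" || rc=$?
    rm -f "$saved_norm" "$live_norm"
    return "$rc"
}

# Constructed sample in iptables-save format (not from a real host).
# $1 = counters, $2 = timestamp, $3 = optional extra rule line.
sample_dump() {
    printf '%s\n' "# Generated by iptables-save on $2" '*filter' \
        ":INPUT DROP [$1]" ':FORWARD DROP [0:0]' ":OUTPUT ACCEPT [$1]" \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' \
        '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'
    if [ -n "${3:-}" ]; then
        printf '%s\n' "$3"
    fi
    printf '%s\n' 'COMMIT' "# Completed on $2"
}
```

A "+" line in the output is a rule that is active now but would be lost on reboot; a "-" line is a rule that would come back on reboot although it is not active now.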
