Persistent Iptables in Debian

I always forgot how to do simple stuff, configuring persistent iptables is one of them. In this recipe I will go through the process for Debian/Ubuntu.

What is iptables?

iptables is an utility that allows a system administrator to configure rules for the Linux kernel firewall; is an extremely flexible as firewall. For small site (like this) it will help you to keep away all the unwanted bots. If you have time you can check my post on nftables (the successor of iptables)

Installing iptables

In Debian it comes installed by default, if it’s not your case sudo apt install iptables, for persistent we will use netfilter-persistent to install it you can execute:

1

sudo apt install netfilter-persistent

Note: you can also install iptables-persistent, is not requiered, but you can use in your scripts to dump or read the rules from a file

Checking if is running

For this, as it install a service/daemon use:

1

sudo service netfilter-persistent status

Saving rules

At this point you can execute:

1

sudo netfilter-persistent save

it will save all the rules you have, and:

Loading rules

1

sudo netfilter-persistent reload

will reload the rules you saved. You can see the current rules with sudo iptables -L -n (-n to don’t delay the report with the naming resolution)

If you preffer to have a interface (very basic one) you can execute:

1

sudo dpkg-reconfigure iptables-persistent

By default all the rules are saved in: /etc/iptables/rules.v4 and /etc/iptables/rules.v6