
Firewall Management

Checking Firewall Rules

# View IPv4 rules (filter table)
sudo iptables -L -n -v

# View NAT rules
sudo iptables -t nat -L -n -v

# View filter table rules with line numbers
sudo iptables -L -n -v --line-numbers

Saving Firewall Rules (Persistent)

Rules created with iptables are lost after reboot. Save them:

# Save IPv4 rules (iptables-save itself needs root, not only tee)
sudo iptables-save | sudo tee /etc/iptables/rules.v4

# Save IPv6 rules
sudo ip6tables-save | sudo tee /etc/iptables/rules.v6

Restore Rules on Boot

note

I'm not sure if this is actually necessary with iptables-save.

Recommendation: first just test a reboot; if it doesn't work, then do this.

Create /etc/network/if-pre-up.d/iptables:

#!/bin/bash
iptables-restore < /etc/iptables/rules.v4
ip6tables-restore < /etc/iptables/rules.v6

Make it executable:

sudo chmod +x /etc/network/if-pre-up.d/iptables
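
A pre-restore check for the saved files, as an added example that is not part of the original page: it parses a file in iptables-save format and rejects one that is empty or whose table is not closed by COMMIT, then runs iptables-restore --test before the real restore. The function names, the optional command override and the sample ruleset are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): sanity-check a file in
# iptables-save format before restoring it. Text parsing only.

# check_rules_file FILE -> prints "table=<name> rules=<n>" per committed table.
# Returns 1 if the file is empty/missing, has no table, or a table lacks COMMIT.
check_rules_file() {
    [ -s "$1" ] || { echo "empty or missing: $1"; return 1; }
    awk '
        /^#/ || /^[ \t]*$/ { next }                  # comments and blank lines
        /^\*/ {                                      # "*filter" opens a table
            if (cur != "") { bad = 1; print "unclosed table=" cur }
            cur = substr($0, 2); rules = 0; next
        }
        /^COMMIT/ {                                  # COMMIT closes the table
            if (cur == "") { bad = 1 } else { print "table=" cur " rules=" rules; tables++ }
            cur = ""; next
        }
        cur == "" { bad = 1; next }                  # chain/rule outside a table
        /^-A / { rules++ }                           # appended rule
        END {
            if (cur != "") { bad = 1; print "unclosed table=" cur }
            exit (bad || tables == 0)
        }
    ' "$1"
}

# restore_checked FILE [CMD]: CMD defaults to iptables-restore; the optional
# override is a hypothetical hook so the logic can be exercised without root.
restore_checked() {
    cmd=${2:-iptables-restore}
    check_rules_file "$1" >/dev/null || return 1
    "$cmd" --test < "$1" || return 1   # --test: parse only, commit nothing
    "$cmd" < "$1"
}

# Constructed sample in iptables-save format (not taken from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
check_rules_file "$sample"
```

Calling restore_checked /etc/iptables/rules.v4 from the if-pre-up.d script in place of the bare iptables-restore line keeps a damaged file from being fed to the restore step.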