First, it's a good idea to have some iptables rules to save and then reload. For example, let's create the following rules:
$ sudo -E -s
# iptables -F
# iptables -X
# iptables -P OUTPUT ACCEPT
# iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A INPUT -p tcp -m tcp --dport 80 -j REJECT
# iptables -P INPUT DROP
# exit
$
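Save the rules. Make sure first that they are not dangerous for your computer's configuration: with the INPUT policy set to DROP and no rule accepting new inbound connections, services such as remote SSH logins stop being reachable.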
$ sudo iptables-save
$ sudo -E -s
Save the rules to a file and set them up to load automatically:
# echo "#! /sbin/iptables-restore" > /etc/network/if-up.d/iptables-rules
# iptables-save >> /etc/network/if-up.d/iptables-rules
# chmod +x /etc/network/if-up.d/iptables-rules
Check that the file was created and is executable:
# ls -lA /etc/network/if-up.d/ipt*
It should look like:
-rwxr-xr-x 1 root root 1214 2018-06-10 19:08 /etc/network/if-up.d/iptables-rules
$ sudo reboot
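After the reboot, it is worth confirming that the rules in effect are the ones that were saved. The script below is an added example, not part of the original page: it compares two iptables-save dumps while ignoring timestamps and packet counters. The function names (normalize_rules, rules_match, sample_dump) are hypothetical and the sample dumps are constructed.

```shell
#!/bin/sh
# Added example: check that the live ruleset equals the saved one.

# Read an iptables-save dump on stdin and strip what changes between runs:
# comment lines (the "#!" line, "# Generated"/"# Completed" timestamps) and
# the [packets:bytes] counters on the chain policy lines.
normalize_rules() {
    sed -e '/^#/d' -e 's/\[[0-9]*:[0-9]*\]/[0:0]/'
}

# rules_match SAVED LIVE: exit 0 only if both dumps hold the same rules.
rules_match() {
    saved=$(normalize_rules < "$1") || return 2
    live=$(normalize_rules < "$2") || return 2
    [ "$saved" = "$live" ]
}

# Constructed sample dump of the rules created above (not captured output).
# $1 = counter text, $2 = "drift" to leave out the port-80 REJECT rule.
sample_dump() {
    echo "# Generated by iptables-save (constructed sample, counters $1)"
    echo "*filter"
    echo ":INPUT DROP [$1]"
    echo ":FORWARD ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [$1]"
    echo "-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT"
    echo "-A INPUT -i lo -j ACCEPT"
    [ "${2:-}" = drift ] ||
        echo "-A INPUT -p tcp -m tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable"
    echo "COMMIT"
}

tmp=$(mktemp -d)
sample_dump 0:0 > "$tmp/saved"              # file written before the reboot
sample_dump 57:4312 > "$tmp/live"           # same rules, counters moved
sample_dump 57:4312 drift > "$tmp/drifted"  # one rule missing
rules_match "$tmp/saved" "$tmp/live" && echo "live: matches saved rules"
rules_match "$tmp/saved" "$tmp/drifted" || echo "drifted: DIFFERS from saved rules"
rm -rf "$tmp"
```

On the host itself, run `iptables-save > /tmp/live` as root and then `rules_match /etc/network/if-up.d/iptables-rules /tmp/live`; a non-zero status means the loaded rules are not the ones in the file.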