Save iptables Rules After Reboot

This guide explains how to keep your Linux firewall rules (iptables) safe even after a reboot. We’ll use simple commands and examples for Ubuntu, CentOS 7, and other Linux systems.

Why Save iptables Rules?

iptables is like a security guard for your Linux system. It controls incoming and outgoing traffic. But by default, iptables rules disappear after a reboot. This guide shows you how to make them permanent.

3 Easy Ways to Save iptables Rules

1. Manual Method: Save and Restore Rules

This works on all Linux systems (Ubuntu, CentOS, etc.).

Steps:

  1. Save your current rules to a file:

    sudo iptables-save > /home/user/my_iptables_rules.txt

    (Replace /home/user/ with your home folder.)

  2. Restore rules after reboot by adding this line to /etc/rc.local (a startup script):

    sudo iptables-restore < /home/user/my_iptables_rules.txt

Example:

  • You block a malicious IP (192.168.1.100) with: 
    sudo iptables -A INPUT -s 192.168.1.100 -j DROP
  • Save it with: 
    sudo iptables-save > /home/user/block_malicious_ip.txt

Fix Common Errors:

  • “Permission denied”: Use sudo before commands.
  • “Command not found”: Install iptables with sudo apt install iptables (Ubuntu) or sudo yum install iptables (CentOS).

2. Ubuntu/Debian: Use iptables-persistent

This tool automatically saves and restores rules.

Steps:

  1. Install it:

    sudo apt update  
sudo apt install iptables-persistent

  2. During installation, say “Yes” to save current rules.

  3. To save rules later:

    sudo netfilter-persistent save

Example:

  • You allow SSH (port 22) with: 
    sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
  • Save it with: 
    sudo netfilter-persistent save

Where Are Rules Stored?

  • IPv4 rules: /etc/iptables/rules.v4
  • IPv6 rules: /etc/iptables/rules.v6

3. CentOS 7: Use iptables-services

CentOS 7 uses firewalld by default, but you can switch to iptables.

Steps:

  1. Stop and disable firewalld:

    sudo systemctl stop firewalld  
sudo systemctl disable firewalld

  2. Install iptables services:

    sudo yum install iptables-services

  3. Save rules:

    sudo service iptables save

  4. Start iptables on boot:

    sudo systemctl enable iptables  
sudo systemctl start iptables

Example:

  • You block ping requests with: 
    sudo iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
  • Save it with: 
    sudo service iptables save

Troubleshooting

Problem 1: Rules Disappear After Reboot

  • Fix: Check if you saved rules correctly (e.g., sudo netfilter-persistent save on Ubuntu).
  • Check: Look for errors in /var/log/syslog or journalctl -xe.

Problem 2: “iptables-save Permission Denied”

  • Fix: Always use sudo (e.g., sudo iptables-save).

Problem 3: Conflict with firewalld (CentOS)

  • Fix: Either stick to firewalld or fully switch to iptables (as shown above).

Best Practices

  1. Backup Rules: Save rules before making changes. 
    sudo iptables-save > /home/user/backup_rules.txt
  2. Test Rules: Apply rules temporarily (sudo iptables-restore < file.txt) and test before saving.
  3. Add Comments: Use -m comment --comment "My rule" to explain rules.

Conclusion

Now you know how to save iptables rules permanently on any Linux system! Use:

  • Manual method (for all systems),
  • iptables-persistent (Ubuntu/Debian), or
  • iptables-services (CentOS 7).

For more help, check:

save iptables rules iptables
React Logo
Written by Haikel Fazzani
⌛ 4 min read ⏰ 2025-02-18

Related Articles

Understanding ICMP: The Network's Messenger

Understanding ICMP: The Network's Messenger

In this blog post, I'll break down ICMP in simple terms, provide Linux code examples to demonstrate its use, and include relevant images to make it all crystal clear.

ICMP
Podman vs Docker in 2025: Which Container Engine Should You Choose?

Podman vs Docker in 2025: Which Container Engine Should You Choose?

Compare Podman vs Docker in 2025: Explore key differences, security, architecture, and practical code examples to choose the best container engine for your projects.

Podman vs Docker Podman tutorial Docker tutorial container engines comparison
The Ultimate Guide to FFmpeg

The Ultimate Guide to FFmpeg

Discover the ultimate FFmpeg guide with real-world code examples. Learn how to convert, edit, compress, and stream audio and video files using FFmpeg commands and automation.

FFmpeg FFmpeg tutorial video conversion audio extraction
Nmap for Network Security Audits

Nmap for Network Security Audits

Learn advanced Nmap techniques for network security audits, including basic scans, port scanning, OS detection, and more. Expert guide with actionable commands.

Nmap network security port scanning Kali Linux
Save iptables Rules After Reboot

Save iptables Rules After Reboot

Learn how to save iptables rules after reboot using iptables-persistent, iptables-save, and netfilter-persistent. Fix common issues like service iptables-save not working or iptables-save permission denied.

save iptables rules iptables
Edit a Rule in iptables

Edit a Rule in iptables

Learn how to edit a rule in iptables on Ubuntu with step-by-step instructions, examples, and expert tips. Perfect for advanced users managing firewall configurations.

Edit a rule in iptables
Load more articles