How to save iptables firewall rules permanently on Linux

How to save iptables firewall rules permanently on Linux

Explains how to save and restore iptables rules permanently on Debian/Ubuntu Linux or CentOS/RHEL using config files and persistent config.

I am using Debian / Ubuntu Linux server. How do I save iptables rules permanently on Linux using the CLI added using the iptables command? How can I store iptables IPv4 and IPv6 rules permanently on the Debian Linux cloud server?

Linux system administrator and developers use iptables and ip6tables commands to set up, maintain, and inspect the firewall tables of IPv4 and IPv6 packet filter rules in the Linux kernel. Any modification made using these commands is lost when you reboot the Linux server. Hence, we need to store those rules across reboot permanently. This page examples how to save iptables firewall rules permanently either on Ubuntu or Debian Linux server.


Saving iptables firewall rules permanently on Linux

You need to use the following commands to save iptables firewall rules forever:

  1. iptables-save command or ip6tables-save command – Save or dump the contents of IPv4 or IPv6 Table in easily parseable format either to screen or to a specified file.
  2. iptables-restore command or ip6tables-restore command – Restore IPv4 or IPv6 firewall rules and tables from a given file under Linux.

Saving iptables firewall rules permanently on Linux

Step 1 – Open the terminal

Open the terminal application and then type the following commands. For remote server login using the ssh command:

$ ssh [email protected]

$ ssh [email protected]

You must type the following command as root user either using the sudo command or su command.

Step 2 – Save IPv4 and IPv6 Linux firewall rules

Debian and Ubuntu Linux user type:

$ sudo /sbin/iptables-save > /etc/iptables/rules.v4

### IPv6 ##

$ sudo /sbin/ip6tables-save > /etc/iptables/rules.v6

CentOS/RHEL users run:

$ sudo /sbin/iptables-save > /etc/sysconfig/iptables

### IPv6 ##

$ sudo /sbin/ip6tables-save > /etc/sysconfig/ip6tables

[object object] [object object] [object object] linux

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

How to Find Ulimit For user on Linux

Explains how to find ulimit values of currently running process or given user account under Linux using the 'ulimit -a' builtin command.

MEAN Stack Tutorial MongoDB ExpressJS AngularJS NodeJS

MEAN Stack Tutorial MongoDB ExpressJS AngularJS NodeJS - We are going to build a full stack Todo App using the MEAN (MongoDB, ExpressJS, AngularJS and NodeJS). This is the last part of three-post series tutorial.

systemctl List All Failed Units/Services on Linux

Explains how to use the systemctl command to list all failed units or services on Debian, Ubuntu, CentOS, Arch, Fedora, and other Linux distros.

CentOS Linux 8.2 Released and Here is How to Upgrade it

CentOS Linux 8.2 (2004) released. This release adds corrections for security issues based upon RHEL 8.2 souce and here is how to upgrade it.

How to configure AWS SES with Postfix MTA

Amazon Simple Email Service (SES) is a hosted email service for you to send and receive email using your email addresses and domains. Typically SES used for sending bulk email or routing emails without hosting MTA. We can use Perl/Python/PHP APIs to send an email via SES. Another option is to configure Linux or Unix box running Postfix to route all outgoing emails via SES. Before getting started with Amazon SES and Postfix, you need to sign up for AWS, including SES. You need to verify your email address and other settings. Make sure you create a user for SES access and download credentials too.