Re: Iptables at boot

To: debian-user@lists.debian.org
Subject: Re: Iptables at boot
From: Ben Caradoc-Davies <ben@transient.nz>
Date: Mon, 22 Jan 2018 08:53:43 +1300
Message-id: <[🔎] 816506e1-b475-7e9d-bdf9-8c47cc4df96e@transient.nz>
In-reply-to: <[🔎] 20180121030505.ldm7m4yw5up6lzoy@kazuki.local>
References: <[🔎] ec660538-7676-4009-b6b6-be2595319d46@free.fr> <[🔎] 20180121010207.3bw4wbvftzihenjz@ddeb.ddeb.net> <[🔎] 20180121030505.ldm7m4yw5up6lzoy@kazuki.local>

On 21/01/18 16:05, Mark Fletcher wrote:

To get you started [addressing the OP], here is the service file I use:


Mine is slightly different and has the commands inline:


$ cat /etc/iptables/iptables.service
[Unit]
Description=iptables rules
After=network.target

[Service]
Type=oneshot

ExecStart=/bin/bash -c "/sbin/iptables-restore </etc/iptables/iptables.rules"ExecStart=/bin/bash -c "/sbin/ip6tables-restore </etc/iptables/ip6tables.rules"

RemainAfterExit=yes
ExecStop=/sbin/iptables -F
ExecStop=/sbin/ip6tables -F

[Install]
WantedBy=multi-user.target


You can make your initial rules file with iptables-save.

Kind regards,

--
Ben Caradoc-Davies <ben@transient.nz>
Director
Transient Software Limited <https://transient.nz/>
New Zealand

Reply to:

Follow-Ups:
- Re: Iptables at boot
  - From: Alessandro Vesely <vesely@tana.it>

References:
- Iptables at boot
  - From: Jacques Rodary <rodaryj@free.fr>
- Re: Iptables at boot
  - From: Dejan Jocic <jodejka@gmail.com>
- Re: Iptables at boot
  - From: Mark Fletcher <mark27q1@gmail.com>

Prev by Date: Re: IPv6 SLAAC and RFC 7217
Next by Date: Re: IPv6 SLAAC and RFC 7217
Previous by thread: Re: Iptables at boot
Next by thread: Re: Iptables at boot
Index(es):
- Date
- Thread