====== Automatic load of iptables rules on Ubuntu ======

The fact that iptables is empty on each boot is both beautiful and irritating! You can mess everything up, and just reboot the PC to get a clean start (or just empty the rules - to be faster). But what if you want the rules to apply even after reboot? Here are a few ways to do this:

  - Create a save/restore script in the if-up/if-down folder
  - Create a save/restore script that runs on boot/shutdown
  - Use iptables-persistent

===== The if-up.d and if-down.d method =====

The simplest way is to add a script called iptables in the /etc/network/if-up.d directory

<code>
#!/bin/sh
iptables-restore < /etc/firewall.conf
</code>

And another script called iptables in the /etc/network/if-down.d directory

<code>
#!/bin/sh
iptables-save > /etc/firewall.conf
</code>

Make them both executable (chmod +x iptables). Every time an interface goes up, the first script restores all the rules, and every time an interface goes down, the second script saves them. Note that /etc/firewall.conf must already be populated with rules, so make sure to run iptables-save once you have configured all the rules.

===== The startup and shutdown method =====

This can be done either through /etc/rc.local or crontab

A=> Place the iptables-restore command before the **exit 0** line\\
B=> Run **crontab -e** and create this entry: **@reboot /path/to/script** (the restore script, of course)

To save the iptables rules, place the iptables-save script inside the /etc/rc6.d directory, and make sure that the name starts with K99. For example, the executable file /etc/rc6.d/K99iptables

===== The iptables-persistent method =====

Simply install iptables-persistent by issuing this command

<code>
sudo apt-get install iptables-persistent
</code>

and follow the prompts. When asked, hit 'Yes' to save the current rules (on both prompts). Now, upon reboot, iptables will be populated with the current rules.
If for any reason you want to change the rules, you can do so, but you have to issue these commands afterwards:

<code>
sudo su -c 'iptables-save > /etc/iptables/rules.v4'
sudo su -c 'ip6tables-save > /etc/iptables/rules.v6'
</code>

The first one saves the v4 rules, and the second one saves the v6 rules (if used). If you don't do this, the modifications will be lost after reboot (which could be useful).
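
In the if-up.d method above, the restore script runs as root on every interface-up event and loads whatever /etc/firewall.conf contains. The guarded variant below is an added example, not part of the original page: it refuses a missing, empty, world-writable or truncated file and dry-runs the ruleset with iptables-restore --test before applying it. The function names, return codes and the RULES override are assumptions made for the example; IFACE is the variable ifupdown exports to if-up.d scripts.

```shell
#!/bin/sh
# Added example (not from the original page): guarded /etc/network/if-up.d/iptables.
# RULES defaults to the page's /etc/firewall.conf; the override is an assumption for testing.
RULES="${RULES:-/etc/firewall.conf}"

# Return 0 only if the file looks like complete iptables-save output.
# Return codes (chosen for this example): 1 missing/empty, 2 world-writable, 3 truncated.
rules_file_usable() {
    f="$1"
    if [ ! -f "$f" ] || [ ! -s "$f" ]; then
        echo "iptables: $f is missing or empty, keeping current rules" >&2
        return 1
    fi
    # The file is loaded as root, so refuse it if any user could have edited it.
    if [ -n "$(find "$f" -prune -perm -002)" ]; then
        echo "iptables: $f is world-writable, refusing to load it" >&2
        return 2
    fi
    # iptables-save writes one "*table" header and one "COMMIT" line per table.
    tables=$(grep -c '^\*' "$f" || true)
    commits=$(grep -c '^COMMIT$' "$f" || true)
    if [ "$tables" -eq 0 ] || [ "$tables" -ne "$commits" ]; then
        echo "iptables: $f looks truncated ($tables tables, $commits COMMITs)" >&2
        return 3
    fi
    return 0
}

restore_rules() {
    rules_file_usable "$RULES" || return $?
    # --test parses and builds the ruleset without committing it.
    iptables-restore --test < "$RULES" || return 4
    iptables-restore < "$RULES"
}

# ifupdown exports IFACE to if-up.d scripts; do nothing when run any other way.
if [ -n "${IFACE:-}" ]; then
    restore_rules
fi
```

The same checks are worth running before the if-down.d script overwrites /etc/firewall.conf, since a save taken after the rules were flushed replaces a good file with an empty ruleset.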