iptables start on boot – Ubuntu/Debian


By default Ubuntu/Debian OS wont load iptable on boot.

So to load iptables on boot use follow procedure:

Save iptable conf with iptables-save command:

iptables-save > /etc/iptables.conf

Next, open file with name /etc/network/if-up.d/iptables and add following content:

iptables-restore < /etc/iptables.conf

Change permission file /etc/network/if-up.d/iptables as executable with following command:

chmod +x /etc/network/if-up.d/iptables

Now, iptables will restored on boot.

Whenever you change iptable rules don’t forgot to update iptables.conf file. Use following command to update iptables.conf file:

iptables-save > /etc/iptables.conf

iptables allow port for ip


To allow only an ip to access a port use following iptables rule

iptables -I INPUT -p tcp -m tcp -s --dport 8080 -j ACCEPT

Above iptables rule will allow only to access port 8080 and reject all other ip addresses.

Similarly we can give any other ip address and port combination.

iptables allow one ip address


To allow one trusted IP address to access all incoming packets add following line in iptables-precursor:

iptables -A INPUT -s -j ACCEPT

where is the IP address I would like to allow, change the IP address as per your requirement.

After adding above line run following commands to get it updated:

$ source iptables-precursor

$ iptables-save > iptables

In above commands I used relative pats for iptables-precursor and iptables.