In some cases, the iptables rules need to be loaded after everything else has started. The following systemd service is an example of how to do this. With Type=idle, systemd delays the start until its other active jobs have been dispatched; the unit checks that the executable file exists and then runs it.
[Unit]
Description=runs iptables restore on boot
ConditionPathExists=/etc/iptables-my/iprestore.sh
After=network.target
[Service]
Type=idle
User=root
ExecStart=/etc/iptables-my/iprestore.sh
RemainAfterExit=yes
GuessMainPID=no
[Install]
WantedBy=multi-user.target
The content of the executable file (/etc/iptables-my/iprestore.sh):
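#!/bin/sh
# flock holds an exclusive lock on /run/.ip6tables-restore while each restore runs,
# so any other job that uses the same lock file waits until the restore has finished.
/usr/bin/flock /run/.ip6tables-restore /sbin/iptables-restore < /etc/iptables-my/<myipv4file>
/usr/bin/flock /run/.ip6tables-restore /sbin/ip6tables-restore < /etc/iptables-my/<myipv6file>
# The script always exits 0, so the unit reports success even if a restore failed.
exit 0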
Use chmod to make the file executable (I am using permission 744).
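A check to run after the chmod step, as an added example that is not part of the original article: the unit runs iprestore.sh as root, so the script, the rule files it reads and their directory should be owned by root and not writable by group or others. The function names are hypothetical, and the code assumes a stat that supports -c (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: audit the files that the boot-time restore service runs or reads as root.
# Assumption: stat supports -c (GNU coreutils or BusyBox), as on Linux hosts running systemd.

# audit_path PATH [EXPECTED_UID]
# Succeeds only if PATH exists, is owned by EXPECTED_UID (default 0, root)
# and is not writable by group or others.
audit_path() {
    path=$1
    want_uid=${2:-0}
    [ -e "$path" ] || { echo "MISSING  $path" >&2; return 1; }
    mode=$(stat -c '%a' "$path") || return 1
    uid=$(stat -c '%u' "$path") || return 1
    if [ "$uid" != "$want_uid" ]; then
        echo "OWNER    $path is owned by uid $uid, expected $want_uid" >&2
        return 1
    fi
    # The last two octal digits are the group and other permission sets; bit 2 is write.
    other=$(( mode % 10 ))
    group=$(( (mode / 10) % 10 ))
    if [ $(( group & 2 )) -ne 0 ] || [ $(( other & 2 )) -ne 0 ]; then
        echo "WRITABLE $path has mode $mode (group or other can write)" >&2
        return 1
    fi
    return 0
}

# audit_restore_setup DIR [EXPECTED_UID]
# Checks DIR itself, requires DIR/iprestore.sh to be executable, then checks every
# file in DIR: the script and the rule files it feeds to iptables-restore.
audit_restore_setup() {
    dir=$1
    want=${2:-0}
    rc=0
    audit_path "$dir" "$want" || rc=1
    [ -x "$dir/iprestore.sh" ] || { echo "NOEXEC   $dir/iprestore.sh" >&2; rc=1; }
    for f in "$dir"/*; do
        [ -e "$f" ] || continue
        audit_path "$f" "$want" || rc=1
    done
    return $rc
}
```

On the host, source the file and run audit_restore_setup /etc/iptables-my; each finding is printed to stderr and the function returns non-zero if any check failed.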