Ubuntu 20.04 can't persist the Iptables configuration
I have been doing this in all previous Ubuntu editions without an issue, but something has changed in Ubuntu 20.04.
sudo apt install iptables-persistent
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
...
debconf-set-selections <<< "iptables-persistent iptables-persistent/autosave_v4 boolean true"
debconf-set-selections <<< "iptables-persistent iptables-persistent/autosave_v6 boolean true"
dpkg-reconfigure iptables-persistent
Two things I have noticed
- Despite the settings above, I can't install it silently. I get this screen:
And despite clicking yes the file /etc/iptables/rules.v4is empty
*filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] COMMIT
- After a reboot, everything is set to the file above. So nothing is saved.
Any advise please?
Solution 1:
I can at least answer part of your question, it appears that there is no way to suppress the save prompt during the reconfigure and also have it perform the save. You can suppress the prompt by setting "iptables-persistent/autosave_done" but that also prevents any saves from happening. If you want to look at the logic, it's contained in /var/lib/dpkg/info/iptables-persistent.config and /var/lib/dpkg/info/iptables-persistent.postinst.
I have no idea why the reconfigure save isn't working, this sounds silly but can you do a iptables -t filter -L -n before you run the reconfigure? Does it look like you expect?
As a side question, are you running reconfigure for the sole purpose of saving your rules? If so, it's far easier to do iptables-save > /etc/iptables/rules.v4 && ip6tables-save > /etc/iptables/rules.v6
Solution 2:
iptables doesn't work anymore with UBUNTU 20.04 since ~febrary 2021. users must migrate to nftables package. You can install it by use apt or synaptic. https://www.netfilter.org/projects/nftables/index.html