On Sun, Jan 21, 2018 at 02:02:07AM +0100, Dejan Jocic wrote: > On 20-01-18, Jacques Rodary wrote: > > Hi > > How can I start iptables at boot. I don't find an equivalent to " service > > iptables start" with systemd and does'nt know how to create a new > > iptables.service. The manpages aren't quite clear for me. Thanks for any > > help. > > Jacques > > > > There are two options. One would be to learn to write systemd service > units. There are many tutorials on net for how to write those with > examples. Other would be to install iptables-persistent package. You can > find more about using iptables-persistent package if you google it, you > will surly run on few quick howtos. > >
To get you started [addressing the OP], here is the service file I use: [Unit] Description=Load Iptables Rules ConditionFileIsExecutable=/etc/systemd/scripts/iptables After=network.target [Service] Type=forking ExecStart=/etc/systemd/scripts/iptables TimeoutSec=0 RemainAfterExit=yes [Install] WantedBy=multi-user.target This goes in /lib/systemd/system/iptables.service and assumes your iptables commands are in a script which is called iptables, is executable, and is located in /etc/systemd/scripts I must point out there may be Debian policies of which I am not aware about where the files should ideally go; I lifted this configuration from a non-Debian box. There is nothing about it that will _not work_ on Debian, but there may be a preferred Debian location for such files, which hopefully my contribution will encourage someone knowledgable to add. then to run it once, as root: systemctl start iptables and to set it up so it runs at boot, as root: systemctl enable iptables HTH Mark