Thank you for using Ubuntu and reporting a bug. This appears to be by design (and one which I agree with), i.e., if there are no rules in the table, there is nothing to restore and therefore nothing to save. In your paste, you should run iptables-save after adding your mangle rule, but you would want to do this even if iptables-save recorded an empty table, because iptables-restore would not have the new mangle rule anyway. Note that iptables-save and iptables-restore are useful tools, but very low-level. There is a lot of logic that must be accounted for if trying to use this in a user-friendly manner, which is why tools such as ufw and shorewall exist.

I am going to mark this as "Won't Fix" for now. This is not something we want to diverge from upstream on. I suggest that if you strongly feel this should be changed, you file a bug with upstream (see http://www.netfilter.org/contact.html#bugzilla).

** Changed in: iptables (Ubuntu)
       Status: Confirmed => Won't Fix

https://bugs.launchpad.net/bugs/1104362

Title:
  iptables-save/-restore does not restore empty tables
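
An added example, not part of the original message and not code from the iptables project: a shell check that reads an iptables-save dump and lists the tables that have no section in it, which are the tables a later iptables-restore of that dump leaves as they are. The function names, the list of tables to check and the sample dump are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: report which tables are absent from an iptables-save dump.
# iptables-restore only acts on tables that have a "*table" section in its
# input, so rules sitting in an absent table survive a restore of that dump.

# Assumed list of tables to look for (the standard IPv4 tables).
EXPECTED_TABLES="filter nat mangle raw security"

# missing_tables FILE -> prints one absent table name per line
missing_tables() {
    # Table sections start with a line of the form "*name".
    present=$(awk '/^\*/ { sub(/^\*/, ""); print $1 }' "$1")
    for t in $EXPECTED_TABLES; do
        found=no
        for p in $present; do
            if [ "$p" = "$t" ]; then found=yes; fi
        done
        if [ "$found" = no ]; then printf '%s\n' "$t"; fi
    done
}

# rule_count FILE TABLE -> number of "-A" rule lines saved for TABLE
rule_count() {
    awk -v want="$2" '
        /^\*/                 { cur = substr($1, 2) }
        /^COMMIT/             { cur = "" }
        /^-A / && cur == want { n++ }
        END                   { print n + 0 }
    ' "$1"
}

# Constructed sample dump: only the filter table was saved.
sample_dump() {
    cat <<'EOF'
# constructed sample, not real output
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Stand-alone use: pass a saved ruleset file as the first argument.
if [ "$#" -gt 0 ]; then missing_tables "$1"; fi
```

Running it against a saved ruleset before relying on that file as a baseline shows which tables need to be cleared or re-saved separately.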