Mark, I've implemented this by using : pre-up ipset restore -! < /etc/ipset/ipset.rules post-down ipset-save -file /etc/ipset/ipset.rules ipset rules appear with sudo ipset -L after a reboot. So all looks good there. However, sudo ip6tables -L still shows default rules. I'm using iptables-persistent for iptables persistence. Do you know when iptables-persistent is run? It looks like it's being called before the interface is in pre-up and so it's still not able to find ipset rules. Oliver On Mon, Jan 15, 2018 at 3:36 AM, Mark Coetser <mark@xxxxxxxxxxxx> wrote: > > On 12/01/2018 23:20, Oliver O'Boyle wrote: >> >> Hello, >> >> Just started using IPSet on Ubuntu 16.04. After reboot, my set >> disappeared and my ip6tables config vanished, leaving my fw wide open >> with default rules. OUCH. >> >> What's the proper way to do IPSet persistence on Ubuntu 16.04? >> >> Oliver >> > > either create a script that you call from /etc/network/interfaces ie > > up /full/path/script > > that has your ipset commands > > or just put the ipset stuff into interfaces file > > auto eth0 > iface eth0 inet static > address x.x.x.x > netmask x.x.x.x > up ipset xxxxxx > up ipset xxxxxx > > > -- > Thank you, > > Mark Adrian Coetser > mark@xxxxxxxxxxxx > > What causes the mysterious death of everyone? -- :o@> -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
