Re: Reload IPtables

On Fri, 25 Jun 2021 19:47:02 -0400
slow_speed@xxxxxxx wrote:

> Yes, that was exactly my initial question.  I couldn't agree more.
> 
> The issue was knowing the correct command to use to force the reload. I 
> remain unclear on that if my files are in either /etc/iptables.up.rules 
> or /etc/iptables/rules.v4.

Debian offers an iptables-persistent package which, if installed, will provide a plugin for their netfilter-persistent package. In turn, that implements a pseudo-service that is capable of automatically loading iptables rules from "/etc/iptables/rules.v4" upon being started, and saving them there upon being stopped. It does so by executing iptables-restore(8) and iptables-save(8) behind the scenes and the decision to use this particular location is an arbitrary one made by the Debian maintainers. As for "/etc/iptables.up.rules", it has no significance beyond serving as one example of how to manually deal with ruleset persistence, as far as the author of the https://wiki.debian.org/iptables article is concerned.

So, if you needed to manually (re)load an iptables ruleset that had previously been saved through the use of the iptables-persistent plugin, you might run `iptables-restore /etc/iptables/rules.v4` but it would probably be wiser to run `netfilter-persistent start` instead. For further information, refer to the netfilter-persistent(8) man page. On the other hand, should you choose not to use iptables-persistent, the decision of where exactly to save rulesets is yours to make. If in doubt, observe the conventions chosen by your distribution.

-- 
Kerin Millar
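
A pre-flight check for either approach described above, as an added example that is not part of the original message: it parses the saved file with `iptables-restore --test` before touching the live ruleset, then loads it through `netfilter-persistent start` when the file is the one iptables-persistent manages, or through `iptables-restore` otherwise. The function name `reload_rules` and the overridable `IPT_RESTORE`, `NFP` and `PERSISTENT_RULES` variables are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: validate a saved ruleset before (re)loading it.
# The three variables below are hypothetical knobs for this sketch; they
# default to the real tools and to the path used by iptables-persistent.
IPT_RESTORE="${IPT_RESTORE:-iptables-restore}"
NFP="${NFP:-netfilter-persistent}"
PERSISTENT_RULES="${PERSISTENT_RULES:-/etc/iptables/rules.v4}"

# reload_rules [FILE]
# Return codes: 0 loaded, 1 file unreadable, 2 failed validation, 3 load failed.
reload_rules() {
    rules="${1:-$PERSISTENT_RULES}"

    if [ ! -r "$rules" ]; then
        echo "cannot read $rules" >&2
        return 1
    fi

    # --test only parses and constructs the ruleset; nothing is committed,
    # so a typo in the file cannot replace the rules currently in force.
    if ! "$IPT_RESTORE" --test "$rules"; then
        echo "$rules failed validation; live ruleset left untouched" >&2
        return 2
    fi

    # For the file that iptables-persistent manages, go through the
    # pseudo-service; for any other location, restore the file directly.
    if [ "$rules" = "$PERSISTENT_RULES" ] && command -v "$NFP" >/dev/null 2>&1; then
        "$NFP" start || return 3
    else
        "$IPT_RESTORE" "$rules" || return 3
    fi
    return 0
}
```

Source the file and call `reload_rules` as root, optionally with a path such as `/etc/iptables.up.rules`.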
