Se desideri che il tuo firewall Ubuntu funzioni in modo simile a RedHat / Fedora, in Ubuntu 18.04, probabilmente vorrai questi:
sudo apt install iptables-persistent netfilter-persistent
Quindi modificare le regole in /etc/iptables/rules.v[46]
Altri comandi che potrebbero essere utili:
netfilter-persistent save
netfilter-persistent start
iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6
iptables-restore < /etc/iptables/rules.v4
ip6tables-restore < /etc/iptables/rules.v6
systemctl stop netfilter-persistent
systemctl start netfilter-persistent
systemctl restart netfilter-persistent
I due pacchetti sono simili, ma offrono funzionalità leggermente diverse. Se si installa solo iptables-persistent, non si otterrà il file di definizione del servizio per la corretta gestione in systemd, ad es/lib/systemd/system/netfilter-persistent.service
Se installi solo netfilter-persistent, scoprirai che le regole non vengono applicate correttamente all'avvio, come da README
netfilter-persistent and its plugins
------------------------------------
netfilter-persistent does no work on its own. You need the accompanying
plugins (for example, iptables-persistent) to load and save filter rules.
However, commands are run from netfilter-persistent. For example, to save
all filter rules:
netfilter-persistent save
or to load them:
netfilter-persistent start
For more details, see `man netfilter-persistent`.
The system service will try to load rules at startup if enabled, but by
default it will not flush rules at shutdown. This behaviour can be changed
by editing /etc/default/netfilter-persistent.