gmc2000 Posted February 9, 2024 Posted February 9, 2024 Hi all, I'm quite puzzled by this. I installed iptables-persistent to be able to restore the iptables rules at start-up. Saved the rules to /etc/iptables/rules.v4 / /etc/iptables/rules.v6, then rebooted. But after boot, the iptables are empty. Looking at the status of service netfilter-persistent, it looks like it has ran the scripts to restore the rules: root@gateway:/etc# systemctl status netfilter-persistent.service ● netfilter-persistent.service - netfilter persistent configuration Loaded: loaded (/lib/systemd/system/netfilter-persistent.service; enabled; preset: enabled) Drop-In: /usr/lib/systemd/system/netfilter-persistent.service.d └─iptables.conf Active: active (exited) since Fri 2024-02-09 10:36:23 CET; 29min ago Docs: man:netfilter-persistent(8) Process: 334 ExecStart=/usr/sbin/netfilter-persistent start (code=exited, status=0/SUCCESS) Main PID: 334 (code=exited, status=0/SUCCESS) CPU: 130ms Feb 09 10:36:30 gateway.ow.sono netfilter-persistent[340]: run-parts: executing /usr/share/netfilter-persistent/plugins.d/15-ip4tables start Feb 09 10:36:30 gateway.ow.sono netfilter-persistent[340]: run-parts: executing /usr/share/netfilter-persistent/plugins.d/25-ip6tables start Notice: journal has been rotated since unit was started, output may be incomplete. root@gateway:/etc# And when I manually run the scripts under /usr/share/netfilter-persistent/plugins.d, the rules are restored properly. It seems something is flushing the rules again after they have been restored, but I have no clue what that could be. Is this NetworkManager perhaps? Something else? Is iptables-persistent not the way to go on armbian to restore iptables rules on start-up? This is on Armbian 23.8.1 Bookworm with Linux 6.1.63-current-media (debian version 12.2). 0 Quote
Solution gmc2000 Posted February 9, 2024 Author Solution Posted February 9, 2024 To answer my own post: I had tailscale installed, which flushes the rules after they've been restored. Case closed. 0 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.