debian 8 iptables-persistent
Persist IP Tables Debian/Ubuntu
To persist any changes you make to your iptables rules, do the following.
Install iptables-persistent:
sudo apt-get install -y iptables-persistent
Make any changes you want to your iptables rules, eg
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
Then run
sudo dpkg-reconfigure -y iptables-persistent
The rules should persist after a reboot now.
Extra Info
The dpkg-reconfigure just causes iptables-persistent to do again what it does at install, which is to save the current iptables into a file using a command just like:
iptables-save >/etc/iptables/rules.v4ip6tables-save >/etc/iptables/rules.v6
The iptables-persistent package causes the os to run something like the following on reboot.
iptables-restore < /etc/iptables/rules.v4ip6tables-restore < /etc/iptables/rules.v6
Hope this helps : )
I just stumbled over OP's problem, too (and then his question); found the solution when looking at the package description for iptables-persistent. The new interface seems to be netfilter-persistent, that is use e.g.:
# invoke-rc.d netfilter-persistent save
At least that is what worked for me, HTH ...
Update 8/7/16: It depends on the distro. The following comment content was entered in ignorance of whether the OP distro has a netfilter-persistent package. My apologies. My laptop distro (Mint) does not contain the netfilter-persistent package while my servers distros (Ubuntu 15+) do.
Original answer:As Oliver correctly says, netfilter-persistent replaces iptables-persistent in Ubuntu. What worked with Ubuntu 15.04 was as follows:
Install it, then make sure it is running as a service: service --status-all | grep netfilter-persistent
If not running as a service, start it once for all time with: invoke-rc.d netfilter-persistent start
Then you must place a script someplace that will run when the network or its interfaces stop. The important script content is simply: invoke-rc.d netfilter-persistent save
I put the script in /etc/network/if-post-down.d
directory. Don't forget to chmod it to executable. If power outages are any likelihood, you could make a cron entry for the save command.