Will Docker overwrite my iptables rules?

Docker manages its own iptables chains (DOCKER, DOCKER-USER, etc.). Your custom rules should go in the DOCKER-USER chain or in the INPUT/OUTPUT chains (not FORWARD). Docker recreates its rules on daemon restart but does not touch other chains.

Can I use both iptables and firewalld?

Not recommended. They both manage the same kernel netfilter tables and will conflict. Choose one: iptables for manual control, firewalld for zone-based management with persistence. Running both causes unpredictable rule conflicts.

iptables Rules Not Persisting After Reboot — Firewall Configuration Lost

Warningnetwork

Overview

Fix iptables firewall rules disappearing after system reboot because rules are stored in memory and not saved to persistent configuration files.

Key Details

iptables rules are stored in kernel memory and are lost when the system reboots
Rules must be explicitly saved to a file and restored on boot to persist
Different distributions use different persistence methods: iptables-persistent (Debian/Ubuntu), iptables-services (RHEL/CentOS)
nftables is the successor to iptables on modern Linux distributions
Docker, Kubernetes, and other container runtimes add their own iptables rules dynamically

Common Causes

iptables-persistent or iptables-services package not installed
Rules saved with iptables-save but not configured to restore on boot
Firewalld or ufw overriding iptables rules on startup
Docker or Kubernetes resetting iptables chains on container runtime restart

Steps

1Debian/Ubuntu: install iptables-persistent: apt install iptables-persistent (saves rules during install)
2Save rules manually: iptables-save > /etc/iptables/rules.v4 (Debian) or iptables-save > /etc/sysconfig/iptables (RHEL)
3RHEL/CentOS: install and enable iptables-services: yum install iptables-services && systemctl enable iptables
4Verify rules load on boot: reboot and check with iptables -L -n -v
5Consider migrating to nftables or firewalld which have built-in persistence

More in Network

windows-651-pppoe-connection-failedWindows Error 651 — PPPoE Connection Failed

Warning

windows-691-authentication-failedWindows Error 691 — Authentication Failed

Warning

windows-720-ppp-connection-failedWindows Error 720 — PPP Connection Failed

Error

windows-800-vpn-tunnel-failedWindows Error 800 — VPN Tunnel Failed

Warning

windows-network-error-619Windows VPN Error 619 — Connection Could Not Be Established

Warning

windows-network-error-868Windows VPN Error 868 — Remote Server Not Resolved

Warning

Frequently Asked Questions

On modern distributions (Debian 10+, RHEL 8+, Ubuntu 20.04+), yes. nftables is the successor with better performance, simpler syntax, and built-in persistence. Most distributions already use nftables behind an iptables compatibility layer.

iptables Rules Not Persisting After Reboot — Firewall Configuration Lost

Overview

Key Details

Common Causes

Steps

Tags

More in Network

Frequently Asked Questions