Question

UFW and iptables issue with port forwarding

Hi all

I am relatively new to UFW and iptables.

I need the following port forwarding to be permanent: iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -A INPUT -i eth0 -p tcp --dport 443 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 8443 -j ACCEPT iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8443

I have enabled UFW and made settings in there as well.

When rebooting the UFW settings remain but the iptables settings disappear.

How do I make them permanent? Preferably via UFW - if possible.

Thanks


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

UFW is a simple frontend for IPtables, and does not allow you to configure everything that IPtables does. Though it does make many common task easier. If you have more complex firewall rules you need to setup, you can use the files:

/etc/ufw/before.rules
/etc/ufw/after.rules

Placing IPtables rules in before.rules will apply those rules before starting UFW. Likewise, rules placed in after.rules will be applied after UFW has started in case the order matters.

There are also the files:

/etc/ufw/after.init
/etc/ufw/before.init

They behave similarly, except that you can execute any arbitrary script rather than just IPtables rules.

You can find more information on UFW in this tutorial: