[Spce-user] Starting firewall on boot

Steve Saner ssaner at hubris.net
Tue Jul 31 18:17:16 EDT 2018

Are most people here turning on the firewall rules as provided by the 

If so, how are you getting those firewall rules to start on boot?

It appears that things are set up to use the netfilter-persistent 
package to load the firewall rules on boot and a file 
/etc/iptables/rules.v4 is created by ngcpcfg for that purpose.

For me, however, netfilter-persistent is failing to load the rules.

The reason, I believe, is because the rules in rules.v4 include the 
rtpengine stuff and the jump to the RTPENGINE chain. When the 
netfilter-persistent service is started, however, the kernel support for 
RTPENGINE is not yet running, and so the iptables-restore fails.

It seems to me that the rules stored in rules.v4 should skip the rtp 
engine stuff especially since those rules will be added automatically 
when the ngcp-rtpengine-daemon service starts anyway.

Am I missing something?


Steven Saner <ssaner at hubris.net>                      Voice:  316-858-3000
Director of Network Operations                          Fax:  316-858-3001
Hubris Communications                                http://www.hubris.net

More information about the Spce-user mailing list