When you want to back up the default iptables rule set, then after exporting the current rules you may need to clean up the exported file, removing various rules including the OpenVPN server ones, because if you skip this and load such an exported rules file at boot, the OpenVPN service will load its rules too, causing duplication of some rules. WireGuard does the same.
I have noticed that the line for which the duplication is not made is:
I was searching: grep -Ril MyServerPublicIP /etc
Inside the last two files found are some basic rules, not my 2 custom forwarding rules.
This makes iptables rule backups complicated (for a future migration to a different server, you also have to replace static server IPs inside some rules).
Can this be simplified somehow, or what would you suggest? Remember (hard to do) that OVPN and WG create their basic rules, so I always need to manually clean up/de-duplicate the exported file (a risky task)? Or maintain a kind of default rules file and try to remember that I need to edit this one plus the default one in order to keep new rules across reboots and for backup purposes (it is not good to adjust the main file that is restored on boot, since one may make a mistake and lock oneself out of the server)?
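One way to script the cleanup described in the post, as an added example that is not part of the original post: a filter for an iptables-save style dump that drops rules a service re-adds on its own and removes exact duplicates within each table. The function names, the sample rules, the pattern and the address 203.0.113.10 (standing in for MyServerPublicIP) are all assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads an iptables-save style dump on stdin, writes the cleaned dump.
# $1 (assumption): extended regex matching rules that a service re-adds on start.
clean_rules() {
    OWNED="${1:-}" awk '
        BEGIN  { owned = ENVIRON["OWNED"] }
        /^\*/  { table = $0 }                    # "*nat", "*filter": a new table begins
        /^-A / {
            if (owned != "" && $0 ~ owned) next  # leave this rule to the service
            if (seen[table, $0]++) next          # exact duplicate in the same table
        }
        { print }                                # chain headers, COMMIT, kept rules
    '
}

# Constructed sample: a saved file was restored at boot and the VPN service
# then added its own rules again, so two rules appear twice.
sample_dump() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -d 203.0.113.10/32 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 10.8.0.2:80
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A FORWARD -d 10.8.0.2/32 -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# Backup containing only the custom rules; the pattern is a constructed example.
sample_dump | clean_rules '(MASQUERADE|--dport 1194 -j ACCEPT)$'
```

Compare the result with the raw export using diff before loading it, since removing a repeated rule with a non-terminating target such as LOG changes behaviour. `iptables-restore --test` parses a rules file without committing it.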