Custom rule lost after reboot


I have setup custom rule to be added:

iptables -I zone_wan_input -s A.B.C.D -j ACCEPT

it’s an IP address of my machine in the internet.
after restarting firewall it’s there, but after reboot the rule is gone.
Anyone’s got an idea what to search for?

TOS 5.1.2 on omnia

I have put the rule into input_rule and it’s there after reboot.

when I put the rules into zone_wan_input and restarted firewall, the sentinel rule:

44 3765 zone_wan_src_DROP all – * * match-set turris-sn-dynfw-block src mark match ! 0x10/0x10 ctstate NEW /* !sentinel: dynamic firewall block */

preceded the custom rule.
I want this rule apply to work around sentinel from that one particular IP, so I’ll keep it in input_rule for now.

edit: sentinel can be avoided by marking packets in netfilter’s mangle table by “MARK set 0x10”

Please take a look at this thread: [SOLVED] Apply Custom Firewall Rules Upon Reboot I encountered the same issue in the past.

thanks but I prefer clean and documented solution over hacks.
apparently TOS (or is it openwrt?) sets up firewall in a way that prevents custom rules into this chain.

input_rule chain works.