Can't persistent iptables in Ubuntu VM

Manually run /usr/sbin/iptables-restore < /etc/iptables/rules.v4 successfully so the rule has no problem.

Does qubes-service/netfilter-persistent limit the persistent?

# sudo systemctl status netfilter-persistent.service
● netfilter-persistent.service - netfilter persistent configuration
     Loaded: loaded (/lib/systemd/system/netfilter-persistent.service; enabled; vendor preset: enabled)
    Drop-In: /usr/lib/systemd/system/netfilter-persistent.service.d
             └─30_qubes.conf
             /etc/systemd/system/netfilter-persistent.service.d
             └─iptables.conf
     Active: inactive (dead)
  Condition: start condition failed at Sat 2022-03-26 11:32:20 CST; 3min 27s ago
             └─ ConditionPathExists=/var/run/qubes-service/netfilter-persistent was not met
       Docs: man:netfilter-persistent(8)

Mar 26 11:16:28 localhost systemd[1]: Condition check resulted in netfilter persistent configuration being skipped.
Mar 26 11:26:52 proxy systemd[1]: Condition check resulted in netfilter persistent configuration being skipped.

In my Debian 12 minimal appvm, the ConditionPathExists which prevents iptables.service from iptables-persistent package to start lies here:

/usr/lib/systemd/system/netfilter-persistent.service.d/30_qubes.conf

This file comes from qubes-core-agent package and I believe its purpose is to prevent conflict with qubes-iptables.service from qubes-core-agent-networking package which seems to provide, at least, the same feature iptables-persistent offers.

My solution was to remove iptables-persistent package and tune the rules of iptables in /etc/qubes/iptables.rule instead of /etc/iptables/rule.v4.