diff --git a/post-install.txt b/post-install.txt
index 149eab5..0442450 100755
--- a/post-install.txt
+++ b/post-install.txt
@@ -50,8 +50,8 @@ echo "PS1='\[\033[02;31m\]\u@\H:\[\033[01;34m\]\w\$\[\033[00m\] '" >> /rootfs/ho
 # Post install firewall configuration
 #================================================================
 echo "Switch to legacy iptables for k3s support"
-#iptables -F
-#update-alternatives --set iptables /usr/sbin/iptables-legacy
+iptables -F
+update-alternatives --set iptables /usr/sbin/iptables-legacy
 echo "Allowing local traffic in iptables"
 iptables -A INPUT -i lo -j ACCEPT
@@ -67,6 +67,9 @@ systemctl start iptables-persistent
 echo "Ensure iptables-persistent is enabled"
 systemctl enable iptables-persistent
+
+echo "Ensure firewall rules are saved"
+dpkg-reconfigure -y iptables-persistent
 #================================================================
@@ -91,7 +94,12 @@ EOF
 echo "Enabling port knocking..."
 sed -i "s/START_KNOCKD=0/START_KNOCKD=1/" /rootfs/etc/default/knockd
-systemctl enable knockd
+cat << EOF >> /rootfs/lib/systemd/system/knockd.service
+[Install]
+WantedBy=multi-user.target
+Alias=knockd.service
+EOF
+systemctl enable knockd.service
 echo "Restarting knock service..."
 systemctl restart knockd
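Review bot: Only the IPv4 alternative is switched in the first hunk, so `ip6tables` stays on its current backend while `iptables` moves to legacy; if k3s needs the legacy backend, add `update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy` next to the new line. `iptables -F` runs before the switch, so it flushes only the filter table of whichever backend is selected at that moment and leaves chain policies and the nat/mangle tables untouched; a short comment saying this ordering is intended would help. Neither command's exit status is checked, so a failed switch lets the `iptables -A` rules that follow load into the wrong backend; `update-alternatives --set iptables /usr/sbin/iptables-legacy || exit 1` would stop the script at that point.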
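Review bot: `dpkg-reconfigure` has no `-y` option that I know of (its documented switches include `-f/--frontend` and `-p/--priority`), so the line added in the second hunk probably exits with a usage error and the rules are never saved. Nothing checks the exit status, so the script carries on and the host may come back from a reboot without the rules configured above. Use `dpkg-reconfigure -f noninteractive iptables-persistent`, or write the file directly with `iptables-save > /etc/iptables/rules.v4`, and abort the script if that step fails.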
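Review bot: The `cat << EOF >>` in the third hunk appends a new `[Install]` section to the packaged unit file every time the script runs, so a second run leaves duplicate sections, and a package upgrade that replaces `knockd.service` silently drops the change. Guard the append, e.g. `grep -q '^\[Install\]' /rootfs/lib/systemd/system/knockd.service || cat <<'EOF' >> /rootfs/lib/systemd/system/knockd.service`, with the delimiter quoted so the body is never expanded. `Alias=knockd.service` repeats the unit's own name and looks redundant. The file is written under `/rootfs` while `systemctl enable knockd.service` is called without `--root=`, so it is worth confirming both refer to the same system; if the enable step fails unnoticed, the knock daemon will not start at boot.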