Add doc how_to_persistent_nft_rules_with_debian_10.mkd

docs/configurations/manual-operation-docs/how_to_persistent_nft_rules_with_debian_10.mkd

@@ -0,0 +1,53 @@
+# How to persistent nft rules with debian 10 
+
+## Test platform info 
+
+Debian  10.0   
+netfilter-persistent    1.0.11  
+nftables    0.9.0-2
+
+## Pre-Install 
+```
+$ sudo apt-get install -y nftables netfilter-persistent 
+```  
+
+## How to enable netfilter-persistent service
+
+netfilter-persistent service is auto running when netfilter-persistent was installed.
+
+Check service status:
+```
+$ sudo systemctl status netfilter-persistent
+```
+
+If netfilter-persistent service is not started, use the following command to enable netfilter-persistent service:
+```
+$ sudo systemctl start netfilter-persistent
+```
+
+## How to config for persistent iptables 
+
+### Get nftables ruleset  
+```
+~$ wget https://raw.githubusercontent.com/hardenedlinux/harbian-audit/master/docs/configurations/nftables.conf 
+~$ sudo mv nftables.conf /etc/nftables.conf 
+``` 
+
+Note: Please replace ens33 to interface name of your device 
+
+### Get plugin of netfilter-persistent 
+```
+~$ wget https://raw.githubusercontent.com/hardenedlinux/harbian-audit/master/docs/configurations/nftables-plugin.sh
+~$ sudo mv nftables-plugin.sh /usr/share/netfilter-persistent/plugins.d/
+```
+
+## Well-done 
+Nft rules would auto restore nftables rules when Operation system restart, or manual to exec following command:
+```
+$ sudo systemctl restart  netfilter-persistent
+```
+
+## Reference 
+[http://manpages.org/netfilter-persistent/8](http://manpages.org/netfilter-persistent/8)  
+
+

docs/configurations/nftables.conf

@@ -1,5 +1,6 @@
 #!/usr/sbin/nft -f
 
+# Please replace ens33 to interface name of your device 
 define int_if = ens33
 
 # If there are multiple net interface, example: