[Unit]
Description=Manage firewall stop/start
#After=fail2ban.service

[Service]
ExecStart=/usr/bin/awk '!/^\s*(#.*|$)/{print $0; system("/sbin/iptables " $0)}' /root/iptables.rules
ExecStop=/usr/bin/awk '!/^\s*(#.*|$)/{system("/sbin/iptables " $0)}' /root/iptables.norules

[Install]
WantedBy=multi-user.target