diff --git a/agent/app/service/iptables.go b/agent/app/service/iptables.go
index 945ab13959a7..77b91c1d7366 100644
--- a/agent/app/service/iptables.go
+++ b/agent/app/service/iptables.go
@@ -230,6 +230,18 @@ func (s *IptablesService) Operate(req dto.IptablesOp) error {
 }
 _ = settingRepo.Update("IptablesStatus", constant.StatusEnable)
 return nil
+ case "bind-base-without-init":
+ if err := iptables.BindChain(iptables.FilterTab, iptables.ChainInput, iptables.Chain1PanelBasicBefore, 1); err != nil {
+ return err
+ }
+ if err := iptables.BindChain(iptables.FilterTab, iptables.ChainInput, iptables.Chain1PanelBasic, 2); err != nil {
+ return err
+ }
+ if err := iptables.BindChain(iptables.FilterTab, iptables.ChainInput, iptables.Chain1PanelBasicAfter, 3); err != nil {
+ return err
+ }
+ _ = settingRepo.Update("IptablesStatus", constant.StatusEnable)
+ return nil
 case "unbind-base":
 if err := iptables.UnbindChain(iptables.FilterTab, iptables.ChainInput, iptables.Chain1PanelBasicAfter); err != nil {
 return err
diff --git a/agent/init/firewall/firewall.go b/agent/init/firewall/firewall.go
index 98817a56792c..089d9976cd3d 100644
--- a/agent/init/firewall/firewall.go
+++ b/agent/init/firewall/firewall.go
@@ -79,7 +79,7 @@ func Init() {
 iptablesService := service.IptablesService{}
 iptablesStatus, _ := settingRepo.GetValueByKey("IptablesStatus")
 if iptablesStatus == constant.StatusEnable {
- if err := iptablesService.Operate(dto.IptablesOp{Operate: "bind-base"}); err != nil {
+ if err := iptablesService.Operate(dto.IptablesOp{Operate: "bind-base-without-init"}); err != nil {
 global.LOG.Errorf("bind base chains failed, err: %v", err)
 return
 }
diff --git a/agent/utils/firewall/client/iptables.go b/agent/utils/firewall/client/iptables.go
index c957d08a047e..5659541d499f 100644
--- a/agent/utils/firewall/client/iptables.go
+++ b/agent/utils/firewall/client/iptables.go
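Review bot: In the new `bind-base-without-init` case each `BindChain` failure returns immediately, so an error on the second or third call leaves INPUT with only part of the 1Panel chain set attached, and the bare `return err` does not say which chain failed. Wrapping the error would make a half-bound filter table diagnosable from the log, e.g. `return fmt.Errorf("bind %s to INPUT: %w", iptables.Chain1PanelBasic, err)` (assuming the chain constants are strings). The case also needs a comment stating its precondition, something like `// Re-attach the three base chains to INPUT; assumes they already exist and hold their rules, nothing is created here.` The trailing `_ = settingRepo.Update("IptablesStatus", constant.StatusEnable)` discards a write error, and at the only visible call site the status is already Enable. Operate's switch starts and ends outside the hunk, so how this case differs from `bind-base` is inferred from its name.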
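Review bot: If this call fails, `Init` only logs `bind base chains failed` and returns, so the agent keeps running with the base chains detached from INPUT while `IptablesStatus` still reads enabled. With the init step skipped here, that path is presumably reached whenever the chains are missing at boot (whatever restores them is outside the hunk), so the log line should state the consequence, e.g. `global.LOG.Errorf("bind base chains failed, panel firewall rules are not attached to INPUT, err: %v", err)`. The operation name is now a string literal repeated in two packages; a shared constant would turn a typo into a compile error instead of a case that never matches. Init's body continues outside the hunk.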
@@ -148,10 +148,8 @@ func (i *Iptables) Port(port FireInfo, operation string) error {
 if port.Chain == iptables.Chain1PanelBasicBefore {
 name = iptables.BasicBeforeFileName
 }
- if port.Chain == iptables.Chain1PanelBasic {
- if err := iptables.SaveRulesToFile(iptables.FilterTab, port.Chain, name); err != nil {
- global.LOG.Errorf("persistence for %s failed, err: %v", iptables.Chain1PanelBasic, err)
- }
+ if err := iptables.SaveRulesToFile(iptables.FilterTab, port.Chain, name); err != nil {
+ global.LOG.Errorf("persistence for %s failed, err: %v", iptables.Chain1PanelBasic, err)
 }
 return nil
 }
@@ -215,10 +213,8 @@ func (i *Iptables) RichRules(rule FireInfo, operation string) error {
 if rule.Chain == iptables.Chain1PanelBasicBefore {
 name = iptables.BasicBeforeFileName
 }
- if rule.Chain == iptables.Chain1PanelBasic {
- if err := iptables.SaveRulesToFile(iptables.FilterTab, rule.Chain, name); err != nil {
- global.LOG.Errorf("persistence for %s failed, err: %v", iptables.Chain1PanelBasic, err)
- }
+ if err := iptables.SaveRulesToFile(iptables.FilterTab, rule.Chain, name); err != nil {
+ global.LOG.Errorf("persistence for %s failed, err: %v", iptables.Chain1PanelBasic, err)
 }
 return nil
 }
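Review bot: With the `Chain1PanelBasic` guard removed in `Port`, `SaveRulesToFile` now runs for every value of `port.Chain`, but `name` is only switched for `Chain1PanelBasicBefore`, so any other chain is written to whatever default `name` holds (assigned outside the hunk, presumably the basic chain's file) and could replace that chain's persisted rules. The error log also still names `iptables.Chain1PanelBasic` regardless of the chain being saved; use `global.LOG.Errorf("persistence for %s failed, err: %v", port.Chain, err)`. Both points apply identically to the `RichRules` hunk, with `rule.Chain`. A persistence failure is still only logged and `nil` returned, so a rule can be live now and missing after a restart without the caller knowing. Both functions start outside their hunks.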