diff --git a/backend/utils/firewall/client/firewalld.go b/backend/utils/firewall/client/firewalld.go
index e0cd33e24..9ddb7e7f8 100644
--- a/backend/utils/firewall/client/firewalld.go
+++ b/backend/utils/firewall/client/firewalld.go
@@ -8,6 +8,7 @@ import (
 
 	"github.com/1Panel-dev/1Panel/backend/buserr"
 	"github.com/1Panel-dev/1Panel/backend/constant"
+	"github.com/1Panel-dev/1Panel/backend/global"
 	"github.com/1Panel-dev/1Panel/backend/utils/cmd"
 )
 
@@ -118,6 +119,9 @@ func (f *Firewall) ListPort() ([]FireInfo, error) {
 }
 
 func (f *Firewall) ListForward() ([]FireInfo, error) {
+	if err := f.EnableForward(); err != nil {
+		global.LOG.Errorf("init port forward failed, err: %v", err)
+	}
 	stdout, err := cmd.Exec("firewall-cmd --zone=public --list-forward-ports")
 	if err != nil {
 		return nil, err
diff --git a/backend/utils/firewall/client/iptables.go b/backend/utils/firewall/client/iptables.go
index 06383de8d..1348c021d 100644
--- a/backend/utils/firewall/client/iptables.go
+++ b/backend/utils/firewall/client/iptables.go
@@ -52,7 +52,7 @@ func (iptables *Iptables) Check() error {
 }
 
 func (iptables *Iptables) NatNewChain() error {
-	return iptables.runf("-t nat -N %s", NatChain)
+	return iptables.runf("-N %s", NatChain)
 }
 
 func (iptables *Iptables) NatAppendChain() error {
diff --git a/backend/utils/firewall/client/ufw.go b/backend/utils/firewall/client/ufw.go
index a43433263..3da4b8e1e 100644
--- a/backend/utils/firewall/client/ufw.go
+++ b/backend/utils/firewall/client/ufw.go
@@ -6,6 +6,7 @@ import (
 
 	"github.com/1Panel-dev/1Panel/backend/buserr"
 	"github.com/1Panel-dev/1Panel/backend/constant"
+	"github.com/1Panel-dev/1Panel/backend/global"
 	"github.com/1Panel-dev/1Panel/backend/utils/cmd"
 )
 
@@ -108,6 +109,12 @@ func (f *Ufw) ListForward() ([]FireInfo, error) {
 	if err != nil {
 		return nil, err
 	}
+	panelChian, _ := cmd.Execf("%s iptables -t nat -L -n | grep 'Chain 1PANEL'", iptables.CmdStr)
+	if len(strings.ReplaceAll(panelChian, "\n", "")) == 0 {
+		if err := f.EnableForward(); err != nil {
+			global.LOG.Errorf("init port forward failed, err: %v", err)
+		}
+	}
 	rules, err := iptables.NatList()
 	if err != nil {
 		return nil, err