Sunday, March 1, 2015

[iptables][archlinux][raspberry pi] Firewall rules activated at boot time

  1. Enter the following commands at the command line (masquerade traffic leaving on ppp0, and forward packets between ppp0 and wlan0):
    iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
    iptables -A FORWARD -i ppp0 -o wlan0 -j ACCEPT
    iptables -A FORWARD -i wlan0 -o ppp0 -j ACCEPT
  2. Use iptables-save to dump the active rules into a rules file.
    iptables-save > /etc/iptables/iptables.rules
  3. Use iptables-restore to load the rules back from that file.
    /usr/sbin/iptables-restore < /etc/iptables/iptables.rules
  4. Add the following unit to systemd so that the iptables rules are restored at boot time.
    /etc/systemd/system/sysinit.target.wants/iptables.service
[Unit]
Description=Packet Filtering Framework

[Service]
Type=oneshot
# must use iptables.rules [4]
ExecStart=/usr/bin/iptables-restore /etc/iptables/iptables.rules
ExecReload=/usr/bin/iptables-restore /etc/iptables/iptables.rules
# ExecStop=/usr/lib/systemd/scripts/iptables-flush
RemainAfterExit=yes

[Install]
# WantedBy names the target unit itself, not its .wants directory
WantedBy=multi-user.target

Reference:
  1. make the iptables rules permanent
  2. iptables
  3. Ensure that the firewall rules are activated every time you restart
  4. Configuring and Running iptables
Code:
/etc/iptables/my.rules

# Generated by iptables-save v1.4.21 on Sun Mar  1 13:32:06 2015
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# Completed on Sun Mar  1 13:32:06 2015
# Generated by iptables-save v1.4.21 on Sun Mar  1 13:32:06 2015
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i ppp0 -o wlan0 -j ACCEPT
-A FORWARD -i wlan0 -o ppp0 -j ACCEPT
COMMIT
# Completed on Sun Mar  1 13:32:06 2015
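The saved file above is exactly what iptables-save emits, and iptables-restore will refuse the whole file on a single syntax error, which at boot means the Pi comes up with no rules at all. The following POSIX sh script is an added example, not part of the original post: it generates the same ppp0/wlan0 NAT ruleset as a function of the WAN and LAN interface names, tightens the FORWARD chain (default policy DROP, and return traffic from the WAN side admitted only when conntrack already knows the flow, instead of the unconditional ppp0 -> wlan0 ACCEPT shown above), and dry-runs the result with `iptables-restore --test` when that binary is available and the script runs as root. The function names, the interface defaults and the output path are assumptions chosen for this example.

```shell
#!/bin/sh
# Added example (not from the original post). Emits an iptables-restore
# format ruleset for masquerading a LAN interface behind a WAN interface.
# Defaults match the post: WAN = ppp0, LAN = wlan0 (assumed names).
gen_nat_rules() {
    wan="${1:-ppp0}"
    lan="${2:-wlan0}"
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Write the ruleset to a file, then parse it with iptables-restore --test
# (only when the tool exists and we are root; the dry run needs the kernel
# tables). A non-zero exit means the file must not be installed as
# /etc/iptables/iptables.rules, since the boot-time restore would fail too.
write_and_check() {
    out="$1"
    wan="$2"
    lan="$3"
    gen_nat_rules "$wan" "$lan" > "$out" || return 1
    if command -v iptables-restore >/dev/null 2>&1 && [ "$(id -u)" -eq 0 ]; then
        iptables-restore --test < "$out" || return 1
    fi
    return 0
}

# Number of rule lines (-A ...) in a rules file, ignoring comments,
# table headers, chain policy lines and COMMIT.
count_rules() {
    grep -c '^-A ' "$1"
}
```

Run it as `write_and_check /tmp/iptables.rules ppp0 wlan0 && count_rules /tmp/iptables.rules`; the file can then be copied over /etc/iptables/iptables.rules for the systemd unit above to restore. The `:FORWARD DROP` policy is the part worth keeping even if nothing else changes: with the post's `:FORWARD ACCEPT`, any packet the kernel is asked to forward that does not match a rule is still passed on.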
