Iptables is a firewall in Linux that allows you to control incoming and outgoing traffic. It consists of a set of rules and rule chains that are used by operating system to block/allow traffic. Sometimes you may need to delete one or more rules in iptables. In this article, we will learn how to delete iptables rules.
How to Delete Iptables Rules
Here are the different ways to delete or remove existing iptables rules. First we will look at the different ways to list existing iptables rules. We need to able to clearly identify and specify while rules are to be deleted.
Open terminal and run the following command to list all active iptables rules.
$ sudo iptables -S
If you want to list a specific rule chain such as INPUT, OUTPUT, TCP, etc. mention the chain name after -S option. Here is an example to view rules in TCP chain.
$ sudo iptables -S TCP
Here is the typical output you will see.
-N TCP -A TCP -p tcp -m tcp --dport 22 -j ACCEPT
You can also view all iptables rules as a table, with the following command.
$ sudo iptables -L
If you want to view only INPUT chain rules, you can specify the chain name after -L option in iptables.
$ sudo iptables -L INPUT
Here is the typical output you see.
Output Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- anywhere anywhere ctstate INVALID UDP udp -- anywhere anywhere ctstate NEW TCP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN ctstate NEW ICMP icmp -- anywhere anywhere ctstate NEW REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable
Here is what the different columns in about output mean
target
: If a packet matches the rule, the target specifies what should be done with it – whether it should be accepted, dropped, logged, or sent to another chainprot
: protocol such astcp
,udp
,icmp
, orall
opt
: Rarely used, this column indicates IP optionssource
: Source IP address or subnet of the traffic, oranywhere
destination
: Destination IP address or subnet of the traffic, oranywhere
Now that we have seen different ways to view iptables rules, let us learn how to delete them.
Delete Rules by Specification
You can easily delete iptables rules using -D option followed by rule specification. Here is an example to delete rule that drops invalid incoming packets.
$ sudo iptables -D INPUT -m conntrack --ctstate INVALID -j DROP
Delete Rules by Chain & Number
Each iptable rule has a serial number known as line number. You can also delete iptables rules by mentioning the chain and line number. You can view each rule’s line number with the following command.
$ sudo iptables -L --line-numbers Output Chain INPUT (policy DROP) num target prot opt source destination 1 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED 2 ACCEPT all -- anywhere anywhere 3 DROP all -- anywhere anywhere ctstate INVALID 4 UDP udp -- anywhere anywhere ctstate NEW 5 TCP tcp -- anywhere anywhere tcp ...
Once you have the line number of each rule, you can mention it in iptables command. Here is an example to delete rule with line number 3 in INPUT chain.
$ sudo iptables -D INPUT 3
Please note, each rule chain has separate line numbers. So you need to note both the chain name as well as line number to be able to delete a rule.
This method is very useful in deleting individual iptables rules.
Flush Iptables Chain
You can also delete all rules in a chain, known as flushing chain. To flush a chain, which will delete all rules in a chain, use -F or –flush option. Here is an example command to delete all rules in INPUT chain.
$ sudo iptables -F INPUT
If you want to flush all chains, that is, delete all firewall rules, on your system, use the following command. You need to mention -F or –flush option by itself without mentioning any chain name.
$ sudo iptables -F
Please be very careful before you flush all chains in iptables, since you will get locked out of your SSH and may not be able to get access again.
In this article, we have learnt different ways to list iptables rules as well as delete single rules, multiple rules in Linux.
Also read:
How to Use Rsync With SSH Key
How to Run Python Scripts in Sequence
How to Download Gmail Attachment Using Shell Script
How to Do Google Search With Terminal
How to Backup WordPress to Dropbox