How to remove iptables rule

The main work of c firewall Netfilter with the iptables utility is the removal of redundant or unused rules and adding in the chain the new rules. Their implementation is carried out consistently.

In this article we will discuss how to remove the iptables rule with the help of various commands, for example, by number or action that it does. If you are not familiar with teams viewing rules Netfilter recommend you to read the article how to view iptables rules.

How to remove iptables rule

In the article we have to consider three options for the delete command:

sudo iptables [-t table] -D chain specificatiile

sudo iptables [-t table] -D chain namereplace

sudo iptables [-t table] -F [chain]

Commands for IPv6 will be absolutely the same:

sudo ip6tables [-t table] -D chain specificatiile

sudo ip6tables [-t table] -D chain namereplace

sudo ip6tables [-t table] -F [chain]

Consider in detail all options of commands and their practical application. In this article to configure the Netfilter firewall used the Debian operating system 10.2.

1. How to remove a rule by number

To delete rule number iptables will use a command such as:

sudo iptables [-t table] -D chain namereplace

For example:

sudo iptables-t filter-D INPUT 2

This command will remove table filter chain INPUT rule number 2. The numbering of the rules starting from 1.

2. How to remove a rule action

Delete the rule iptables performed on a package action by using the following command:

sudo iptables [-t table] -D chain specificatiile

The specifications rule, you must specify the IP address of the sender or other rule parameters that uniquely determine it (port, IP destination address, Protocol, etc.) and the action to be performed, for example, -j ACCEPT.

For example:

sudo iptables-t filter-D INPUT-s 192.168.3.0/24 -j ACCEPT

This command will remove table filter chain INPUT rule with the given sender 192.168.3.0/24 and action on packages DROP.

3. How to clear all rules from table

It should be noted that it is possible to remove rules from the current table of all combinations of rules using the options -F (–flush). By default, the current table is the table filter. Therefore, to remove all rules to the default table you should use the command:

sudo iptables-F

You can still specify the table from which you want to delete the iptables rules:

sudo iptables-t table -F

For example:

sudo iptables-t nat -F

This command will delete all rules from all chains of nat table.

4. How to delete all rules in chain

To delete rules iptables from a particular chain in a given table is like the following:

sudo iptables-t table -F capacitar

For example:

sudo iptables-t nat -F PREROUTING policy

This command deletes all rules from table nat in the chain PREROUTING policy.

Insights

In this article, we considered various options to remove commands or entire blocks of commands from the chains and tables firewall Netfilter with the iptables utility. We have learned to remove all commands from the current table from a specific chain of rules in the specified table from the specified table, learned to remove the specified numbers and delete command with the specified operation on the data packets.

Source: losst.ru

(Visited 1 times, 1 visits today)