How to Remove Specific Rules from Iptables

How can I remove specific rules from iptables?

Execute the same commands but replace the "-A" with "-D". For example:

iptables -A ...

becomes

iptables -D ...

Removing specific iptables rule

Using iptables -F PREROUNTING you can delete all rules for chain PREROUNTING.

Using iptables -D PREROUTING 1 you can delete a single first rule from chain PREROUTING. So to delete above two rules you will have to use the same command twice.

Use iptables -t nat -D PREROUTING -p tcp --dport 12348 -j DNAT --to-destination 192.168.0.5:12348 and iptables -t nat -D PREROUTING -p tcp --dport 7778 -j DNAT --to-destination 192.168.0.5:7778 to delete these two specific rules.

Just replacing -I with -D.

Iptables remove specific rules by comment

You can use the following command:

iptables-save | sed -r '/PREROUTING.*comment.*test it/s/-A/iptables -D/e'

iptables-save will return iptables commands that can be executed to return the current state of the firewall after a reboot or whatever.

Meaning it will contain lines like:

...
-A PREROUTING -p tcp -m tcp --dport 25 -j ACCEPT -m comment --comment "test it"
...

The sed command searches for lines containing PREROUTING.*comment.*test it (should be good enough) and prepends the term iptablesplus replaces -A by -D since -D deletes a rule. The result of the replacement operation get's then executed using the e command. The e command is a GNU extension to sed.

Note: If you want to print the command in addition to simply executing it you can use s/-A/iptables -D/pe.

How to remove iptables rule

Your rule was defined in table nat, so you must add -t nat explicitly.

sudo iptables -D OUTPUT 1 -t nat

If you haven't specific the table name, the default action will use '-t filter' implicitly.

Remove all DROP iptables rules from bash script

In your script, your IFS is still set to a newline by the time the iptables is executed. Hence bash can't word-split your command arguments.

I would set back IFS=$IFS_OLD as soon as the modified value is not needed anymore, which is probably after the assignement to rule_list.


Related Topics

Error: Could Not Find Tiller' When Running 'Helm Version'

Printing an Integer with X86 32-Bit Linux Sys_Write (Nasm)

Linux. Sol_Netlink Not Defined

Perl Fails to Set Locale Even Though It Is Installed

Stty Serial Port Settings for Parity Not Persistent

How to Get Sudo Access for a File Inside the Vi Text Editor

Compile/Run Assembler in Linux

Get First Line of a Shell Command's Output

Linux Commands to Copy One File to Many Files

Add a Newline Only If It Doesn't Exist

Concurrency of Posix Threads in Multiprocessor MAChine

Pipe Bash Command Output to Stdout and to a Variable

New Scala Worksheets Not Evaluated in Eclipse

How to Ignore Line Breaks in Input Using Nasm Assembly

How to Parse Command Line Options in Bash Shell

Learning Kernel Programming

When to Use Pipes VS When to Use Shared Memory

Which Context Are Softirq and Tasklet In


Leave a reply



Submit