How to List and Delete iptables Firewall Rules

0
2218

In Linux and other Unix-based operating systems, firewall comes pre-installed in the kernel. This firewall is called “iptables”. It’s a rule-based firewall system. Whenever you’re using your Unix/Linux, iptables is running in the background, without any rule specified, of course. By adding rules and modifying them, we can control traffic flow, allow/block a specific website or specific programs’ online access etc.

Structure of “iptables”

Let’s have a better look at the structure of “iptables”. It’s a Table that has Chains where the Chains contain Rules. The structure, in short, TablesàChainsàRules

There’re several types of tables in it, each of them containing different types of chains. Here’s a short list of all of them.

  • Filter table
    • INPUT chain
    • FORWARD chain
    • OUTPUT chain
  • NAT table
    • PREROUTING chain
    • POSTROUTING chain
    • OUTPUT chain
  • Manage table
    • PREROUTING chain
    • OUTPUT chain
    • FORWARD chain
    • INPUT chain
    • POSTROUTING chain

Command lines

For using “iptables”, you need to learn a few of the basic command lines. In “iptables”, the Filter table is the default table. You can see all the rules on the table by executing the following command:

iptables -t filter --list
or
iptables -t filter -L
or
iptables --list
or
iptables -L

From my device, here’s a sample output. Note that yours might be different (don’t panic).

root@test [~]# iptables -t filter --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
acctboth   all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

If you’re willing to see other tables, follow this command:

iptables -t nat --list
or
iptables -t nat -L

The output will be similar to this sample.

root@test [~]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Take a note that after “-t” followed by a space, you’ll have to declare the table name.

iptables -t nat --list # The "nat" represents the NAT table. Change it to your need

If you’ve done anything wrong, don’t worry. The following command will delete all “iptables” rules at once.

# iptables –flush

To delete rules of a specific table, follow this command:

# iptables –flush OUTPUT

Managing “iptables” rules

Creating rules, modifying them and removing them one by one is pretty crazy, to be honest. It’s more maddening when you try to perform them using command lines. For most of the users, it’ll be the same experience for sure. However, if you’re interested in creating or managing “iptables” using commands, here’s the complete guide. It’s pretty simple and easy to follow.

For the vast majority, I’d like to recommend using Shorewall. It’s a frontend tool with very simple & powerful UI for everyone. Alongside “iptables” management, this tool is a complete package of advanced functions and management options. Get Shorewall today. Before you jumpstart to Shorewall, I suggest reading this guide beforehand.

Got any questions about iptables? Feel free to ask it in the comment section below. Don’t forget to share with your friends. Share your experience and assert some dominance on your PC!

Read More

If You Appreciate What We Do Here On OsRadar, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Telegram
  2. Subscribe to our email updates: Sign Up Now
  3. Become a Supporter - Make a contribution via PayPal

We are thankful for your support.

LEAVE A REPLY

Please enter your comment!
Please enter your name here