Linux – iptables command to clear all existing rules

firewalliptableslinuxredhat

My server is Red Hat Enterprise Linux Server release 5.

What is the correct/proper command to clear all existing iptables rules defined in /etc/sysconfig/iptables (so that I can start defining/adding my new rules)?

Best Answer

1) Method:

Install system-config-firewall and setuptool RPMs. Start "setup", go to "Firewall configuration" and disable the firewall.

Add your own rules.

Start setup and enable the firewall.

2) Method:

Flush iptables using: /etc/init.d/iptables stop

Add your own rules and save the change with:

/etc/init.d/iptables save

Start the configuration:

/etc/init.d/iptables start

Related Solutions

How to Check Your RHEL Version

You can use the lsb_release command on various Linux distributions:

lsb_release -i -r

This will tell you the Distribution and Version and is a little bit more accurate than accessing files that may or may not have been modified by the admin or a software package. As well as working across multiple distros.

For RHEL, you should use:

cat /etc/redhat-release

Iptables – Best Way to Clear All Iptables Rules

To answer your question succinctly, no: there would not be any "leftover" rules after flushing every table. In the interest of being thorough however, you may want to set the policy for the built-in INPUT and FORWARD chains to ACCEPT, as well:

iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X

Clear ip6tables rules:

ip6tables -P INPUT ACCEPT
ip6tables -P FORWARD ACCEPT
ip6tables -P OUTPUT ACCEPT
ip6tables -t nat -F
ip6tables -t mangle -F
ip6tables -F
ip6tables -X

...and that should do it. iptables -nvL should produce this (or very similar) output:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Best Answer

Related Solutions

How to Check Your RHEL Version

Iptables – Best Way to Clear All Iptables Rules

Related Topic