{{tag>firewall iptables shorewall}}

====== Save iptables rules and clear firewall ======
Useful for debugging.

First, save the current firewall config:

  iptables-save > /root/firewall.rules
  ip6tables-save > /root/firewall6.rules

Then, flush and open all the firewall rules using the following commands:
<WRAP center round important 60%>
Order you execute the commands below matters!
Otherwise you might lock yourself out of the machine.
</WRAP>


  iptables -P INPUT ACCEPT
  iptables -P OUTPUT ACCEPT
  iptables -P FORWARD ACCEPT
  iptables -F
  iptables -X
  iptables -t nat -F
  iptables -t nat -X
  iptables -t mangle -F
  iptables -t mangle -X



For IPv6 rules, substitute ip6tables instead of iptables.

One-liner for **ipv4**:

  iptables -P INPUT ACCEPT && iptables -P OUTPUT ACCEPT && iptables -P FORWARD ACCEPT && iptables -F && iptables -X && iptables -t nat -F && iptables -t nat -X && iptables -t mangle -F && iptables -t mangle -X

One-liner for **ipv6**:

  ip6tables -P INPUT ACCEPT && ip6tables -P OUTPUT ACCEPT && ip6tables -P FORWARD ACCEPT && ip6tables -F && ip6tables -X && ip6tables -t nat -F && ip6tables -t nat -X && ip6tables -t mangle -F && ip6tables -t mangle -X

One-liner all:

  iptables -P INPUT ACCEPT && iptables -P OUTPUT ACCEPT && iptables -P FORWARD ACCEPT && iptables -F && iptables -X && iptables -t nat -F && iptables -t nat -X && iptables -t mangle -F && iptables -t mangle -X && ip6tables -P INPUT ACCEPT && ip6tables -P OUTPUT ACCEPT && ip6tables -P FORWARD ACCEPT && ip6tables -F && ip6tables -X && ip6tables -t nat -F && ip6tables -t nat -X && ip6tables -t mangle -F && ip6tables -t mangle -X
 
After testing, you can re-enable your firewall rules by running the following:

  iptables-restore < /root/firewall.rules
  ip6tables-restore < /root/firewall6.rules




====== Tested on ======
  * 

====== See also ======

====== References ======