Save iptables rules and clear firewall
Useful for debugging.
First, save the current firewall config:
iptables-save > /root/firewall.rules
ip6tables-save > /root/firewall6.rules
Then, flush and open all the firewall rules using the following commands:
The order in which you execute the commands below matters! Set the default policies to ACCEPT before flushing the rules, otherwise you might lock yourself out of the machine.
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
For IPv6 rules, use ip6tables in place of iptables.
One-liner for IPv4:
iptables -P INPUT ACCEPT && iptables -P OUTPUT ACCEPT && iptables -P FORWARD ACCEPT && iptables -F && iptables -X && iptables -t nat -F && iptables -t nat -X && iptables -t mangle -F && iptables -t mangle -X
One-liner for IPv6:
ip6tables -P INPUT ACCEPT && ip6tables -P OUTPUT ACCEPT && ip6tables -P FORWARD ACCEPT && ip6tables -F && ip6tables -X && ip6tables -t nat -F && ip6tables -t nat -X && ip6tables -t mangle -F && ip6tables -t mangle -X
One-liner for both IPv4 and IPv6:
iptables -P INPUT ACCEPT && iptables -P OUTPUT ACCEPT && iptables -P FORWARD ACCEPT && iptables -F && iptables -X && iptables -t nat -F && iptables -t nat -X && iptables -t mangle -F && iptables -t mangle -X && ip6tables -P INPUT ACCEPT && ip6tables -P OUTPUT ACCEPT && ip6tables -P FORWARD ACCEPT && ip6tables -F && ip6tables -X && ip6tables -t nat -F && ip6tables -t nat -X && ip6tables -t mangle -F && ip6tables -t mangle -X
After testing, you can re-enable your firewall rules by running the following:
iptables-restore < /root/firewall.rules
ip6tables-restore < /root/firewall6.rules
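Added example, not part of the original wiki page: the commands above cover the filter, nat and mangle tables, while this function goes further and reads the saved dump to print the same policy, flush and delete commands for every table the dump contains, policies first. It refuses to proceed if the dump is empty or truncated, so you do not open the firewall without a restorable copy. The function names and the sample dump are constructed for illustration, and the commands are only printed, never run.

```shell
# Added example: print the "open everything" commands for a saved dump.
# gen_open_cmds and sample_dump are hypothetical names; nothing is executed.
gen_open_cmds() {
    dump=$1
    bin=${2:-iptables}    # pass ip6tables for a dump from ip6tables-save
    # A usable dump is non-empty and closes every "*table" section with COMMIT.
    [ -s "$dump" ] || { echo "error: $dump missing or empty" >&2; return 1; }
    tables=$(grep -c '^\*' "$dump" || true)
    commits=$(grep -c '^COMMIT$' "$dump" || true)
    if [ "$tables" -eq 0 ] || [ "$tables" -ne "$commits" ]; then
        echo "error: $dump looks truncated, not flushing" >&2
        return 1
    fi
    awk -v bin="$bin" '
        /^\*/ { t = substr($0, 2); order[++n] = t; next }
        # Built-in chains carry a policy; user-defined chains show "-".
        /^:/  { if ($2 != "-") pol[++p] = bin " -t " t " -P " substr($1, 2) " ACCEPT" }
        END {
            for (i = 1; i <= p; i++) print pol[i]    # policies first
            for (i = 1; i <= n; i++) {               # then flush, then delete chains
                print bin " -t " order[i] " -F"
                print bin " -t " order[i] " -X"
            }
        }' "$dump"
}

# Constructed sample in iptables-save format (not taken from a real host).
sample_dump() {
cat <<'EOF'
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:SSH_GUARD - [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j SSH_GUARD
COMMIT
EOF
}

# Usage: sh thisfile /root/firewall.rules [ip6tables]
if [ "$#" -gt 0 ]; then gen_open_cmds "$@"; fi
```

Review the printed commands before running them; for the constructed sample the five policy lines come out ahead of any -F or -X line.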
Tested on
See also
References
wiki/save_iptables_rules_clear_firewall.txt · Last modified: by antisa
