Thursday, July 17, 2014

Deleting Single Iptables Rule

I look at my iptables rules with
iptables -L
and get this
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere           
ACCEPT     all  --  anywhere             anywhere           

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

For example, to add a rule that accepts port 80, I do this
iptables -I INPUT 3 -p tcp --dport 80 -j ACCEPT
and then iptables -L gives us this
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere           
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     all  --  anywhere             anywhere
Look at the third line: there is the rule accepting connections to port 80. The rule was inserted as the third entry because I used 3 in this command
iptables -I INPUT 3 -p tcp --dport 80 -j ACCEPT
If we want to delete this single rule, do
iptables -D INPUT 3
So iptables -L gives us
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere           
ACCEPT     all  --  anywhere             anywhere
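Rule positions shift whenever a rule above them is inserted or removed, so before running iptables -D INPUT 3 it is worth confirming the number with iptables -L --line-numbers. The script below is an added example, not code from the original post or its source: it parses a constructed listing (the live one would come from iptables -L INPUT -n --line-numbers, which needs root) and emits the delete command only when exactly one rule matches the pattern.

```shell
#!/bin/sh
# Added example: look up a rule's position before deleting it by number.

# Constructed sample of `iptables -L INPUT -n --line-numbers` output, so the
# lookup can be exercised without root or a live firewall.
SAMPLE_INPUT='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
4    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0'

# rule_numbers LISTING PATTERN: print the position of every rule line that
# contains PATTERN literally (header lines have no leading number and are skipped).
rule_numbers() {
    printf '%s\n' "$1" | awk -v pat="$2" \
        '$1 ~ /^[0-9]+$/ && index($0, pat) { print $1 }'
}

# plan_delete CHAIN LISTING PATTERN: print `iptables -D CHAIN N` for the single
# matching rule; refuse when nothing matches (1) or the pattern is ambiguous (2).
plan_delete() {
    chain=$1; listing=$2; pattern=$3
    nums=$(rule_numbers "$listing" "$pattern")
    count=$(printf '%s\n' "$nums" | awk 'NF { c++ } END { print c + 0 }')
    if [ "$count" -eq 0 ]; then
        echo "no rule in $chain matches '$pattern'" >&2
        return 1
    elif [ "$count" -gt 1 ]; then
        echo "pattern '$pattern' matches $count rules in $chain; refine it" >&2
        return 2
    fi
    printf 'iptables -D %s %s\n' "$chain" "$nums"
}

# On a live system (as root) replace "$SAMPLE_INPUT" with
# "$(iptables -L INPUT -n --line-numbers)" and run the printed command.
plan_delete INPUT "$SAMPLE_INPUT" "tcp dpt:80"   # prints: iptables -D INPUT 3
```

Deleting by rule specification, iptables -D INPUT -p tcp --dport 80 -j ACCEPT, avoids the position problem entirely when you still have the exact arguments used to add the rule.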
Source:
http://major.io/2007/02/09/delete-single-iptables-rules/
