May 13, 2015

IPtables is a priceless resource for system administrators who need to secure their servers.

Given the ceaseless attempts by hackers working for money or thrills, every Linux server administrator must grasp the basics of IPtables.

In this post, I will assume that you already have IPtables installed and running on your system.

Once in a while, a situation might arise where you’ll have to flush the IPtables rules.

What is flushing?

Flushing basically refers to deleting the IPtables rules in a single chain or all chains.

You should also know the difference between flushing and deleting on the IPtables command line.

In flushing, you’re just deleting the rules in a chain.

But when you use the -X option, you’re removing the IPtables chain itself (which only works on a user-defined chain that is already empty).

In most situations, deleting an IPtables chain is not advisable.

With that introduction, let’s consider how to flush IPtables chains both completely and selectively.

Before you play with the IPtables rules, it’s imperative you keep a backup of your IPtables configuration both on the server and on your local machine.

Complete Flushing

To delete all rules in iptables, run the following command.

$ iptables -F

The above command deletes every rule in every chain of the filter table but keeps the chains themselves intact.

To make the flush permanent, run the following command:

$ service iptables save

Selective Flushing

An IPtables ruleset typically has several chains (for instance, one per fail2ban jail).

Often, we want to flush the rules in a particular chain, but in our haste we run iptables -F and end up flushing all rules in all chains.

Now let’s consider the command for selective flushing of IPtables.

$ iptables -F [CHAIN_NAME]

As simple as that.

For instance, if you have an IPtables chain called fail2ban-vsftpd and want to delete all rules inside that chain, use the following command.

$ iptables -F fail2ban-vsftpd

Again, if you want the flush to be permanent, you must run the save command.

$ service iptables save
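As an added example (not code from the original post), here is a small POSIX shell script that ties the steps above together: it keeps the backup the introduction asks for by saving the current ruleset with iptables-save before touching anything, then flushes either a single named chain or every chain of the filter table, and finally runs the save command. It assumes iptables, iptables-save and the service command are on PATH and that it runs as root; BACKUP_DIR, IPT_DRY_RUN and the function names are my own choices. With IPT_DRY_RUN=1 it prints the commands instead of running them, which is a handy way to check exactly what will be flushed before you do it for real.

```shell
#!/bin/sh
# Back up the ruleset, then flush one chain or all chains of the filter table.
# Added example, not code from the original post. Assumes iptables, iptables-save
# and "service" are on PATH and that the script runs as root.
# With IPT_DRY_RUN=1 every privileged command is printed instead of executed.

BACKUP_DIR="${BACKUP_DIR:-/root/iptables-backups}"

# Execute a command, or print it when IPT_DRY_RUN=1.
run() {
    if [ "${IPT_DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Accept only names iptables itself accepts: letters, digits, '-', '_', at most
# 28 characters. Rejects empty strings and anything containing spaces or shell
# metacharacters, so a user-supplied name cannot turn into extra arguments.
valid_chain() {
    case "$1" in
        '' | *[!A-Za-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 28 ]
}

# Write the full ruleset of every table to a timestamped file and print its path.
# The file can be fed back to iptables-restore if the flush was a mistake.
backup_rules() {
    file="$BACKUP_DIR/iptables-$(date +%Y%m%d-%H%M%S).rules"
    run mkdir -p "$BACKUP_DIR" || return 1
    if [ "${IPT_DRY_RUN:-0}" = 1 ]; then
        printf 'iptables-save > %s\n' "$file"
    else
        iptables-save > "$file" || return 1
    fi
    printf '%s\n' "$file"
}

# Flush one chain ("iptables -F CHAIN") or, with no argument, every chain of
# the filter table ("iptables -F"). -F never changes a built-in chain's policy.
flush_chain() {
    chain="$1"
    if [ -n "$chain" ]; then
        valid_chain "$chain" || { echo "invalid chain name: $chain" >&2; return 2; }
        run iptables -F "$chain"
    else
        run iptables -F
    fi
}

# Backup first; refuse to flush if the backup could not be written.
main() {
    backup_rules || { echo "backup failed, not flushing" >&2; return 1; }
    flush_chain "$1" || return $?
    run service iptables save
}

# Usage: ./flush.sh all      (flush every filter-table chain)
#        ./flush.sh CHAIN    (flush just that chain)
# Running with no arguments only defines the functions and prints usage.
case "${1:-}" in
    '')  echo "usage: $0 all | CHAIN" >&2 ;;
    all) main ;;
    *)   main "$1" ;;
esac
```

Two caveats worth knowing before running it for real: iptables -F without -t only touches the filter table (nat, mangle and raw keep their rules), and -F does not change a built-in chain's default policy, so if the INPUT policy is DROP, flushing removes the ACCEPT rules that let your SSH session in and you lock yourself out unless you also reset the policy with iptables -P INPUT ACCEPT. Keep a copy of the backup file off the server as well, as the introduction advises.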

In a later post, we’ll consider the differences between flush and delete.
