How to List and Delete Iptables Rules

Iptables is a firewall utility which is by default available in all Linux distributions. Iptables are normally used to set up, maintain and inspect the tables of packet filter rules in your Linux kernel.

Iptables rules which are no longer required or added by mistake need to be removed. After finishing this tutorial, you will learn the different ways to list and delete iptables rules.

To run iptables commands you require root or sudo user privileges.

To list (view) all rules in iptables

To list all rules in all chains (INPUT, OUTPUT, and FORWARD), iptables uses --list or -L option.

Check iptables list syntax:

$ sudo iptables --list
or
$ sudo iptables -L

Below sample output shows all chains with no rules:

# iptables --list
Chain INPUT (policy ACCEPT)
Target prot opt source destination
Chain FORWARD (policy ACCEPT)
Target prot opt source destination
Chain OUTPUT (policy ACCEPT)
Target prot opt source destination

Let me show you another example that has a rule in the 'OUTPUT' chain.

# iptables -L
Chain INPUT (policy ACCEPT)
Target prot opt source destination

Chain FORWARD (policy ACCEPT)
Target prot opt source destination

Chain INPUT (policy ACCEPT)
Target prot opt source destination
DROP icmp -- anywhere anywhere icmp echo-request

Delete All iptables rules (All chains)

When you are looking to delete all rules in a chain, you can easily use flush option. Let us check how to use -F or --flush in this section.

Be careful when deleting all rules as it may drop your ssh access to the server from the terminal. If that happens then the only option would be to set access via console.

The following command will flush all chains from iptables:

$ sudo iptables --flush
or
$ sudo iptables -F

After performing the above command your iptables will become completely clear. You can verify the output using iptables --list command.

Delete Specific Chain

To delete specific chain you need to use -F or --flush followed by chain name. Let's check an example to completely delete the 'OUTPUT' chain from the iptables.

The following command will delete all rules in the OUTPUT chain:

$ sudo iptables -F OUTPUT

How to delete specific Rule inside a chain

It is possible to delete specific rule inside a chain. We have two options either deleting by rule match or specified rule number.

Delete by rule match

The following command delete a rule in the input chain by matching.

$ sudo iptables -D INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

Delete by specified rule number

To delete a rule by a specific number, you have to first list the rule number (iptables -L INPUT --line-numbers).

Below is an example shows the line numbers for rules in the 'INPUT' chain.

$ sudo iptables -L INPUT --line-numbers
Chain INPUT (policy ACCEPT)
Num target prot opt source destination
1 ACCEPT udp -- anywhere anywhere udp dpt:domain
2 ACCEPT tcp -- anywhere anywhere tcp dpt:domain
. . .

So, now we have the rule number. Let's go ahead and delete the second rule using -D option.

$ sudo iptables -D INPUT 2

Lets check one practical example where you want to delete all nat rules, then use the below commands.

List all nat rules

$ sudo iptables -L -t nat -v

Delete all nat rule

$ sudo iptables -F -t nat -v

Conclusion

You should be cautious before removing iptables rule and recommend to have a backup before. I hope you enjoyed reading and please add your suggestion on the below comment section.

Bobbin Zachariah 9:37 pm

Comments

Your email address will not be published. Required fields are marked *