Created
August 19, 2016 09:41
| Flush All Rules, Delete All Chains, and Accept All | |
| This section will show you how to flush all of your firewall rules, tables, and chains, and allow all network traffic. | |
| Note: This will effectively disable your firewall. Only follow this section if you want to start your firewall configuration over from scratch. | |
| First, set the default policies for each of the built-in chains to ACCEPT. The main reason to do this is to ensure that you won't be locked out from your server via SSH: | |
| sudo iptables -P INPUT ACCEPT | |
| sudo iptables -P FORWARD ACCEPT | |
| sudo iptables -P OUTPUT ACCEPT | |
| Then flush the nat and mangle tables, flush all chains (-F), and delete all non-default chains (-X): | |
| sudo iptables -t nat -F | |
| sudo iptables -t mangle -F | |
| sudo iptables -F | |
| sudo iptables -X | |
| Your firewall will now allow all network traffic. If you list your rules now, you will see there are none, and only the three default chains (INPUT, FORWARD, and OUTPUT) remain. | |
| [root@nemo testfolder1]# iptables -S | |
| -P INPUT ACCEPT | |
| -P FORWARD ACCEPT | |
| -P OUTPUT ACCEPT | |
| -A INPUT -p tcp -m tcp --dport 9000 -j DROP | |
| iptables -A INPUT -p tcp --dport 9000 -j DROP # add a rule to block port 9000 | |
| iptables -D INPUT -p tcp --dport 9000 -j DROP # delete that rule |
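
The check below is an added example, not part of the original gist: it classifies `iptables -S` output so the ruleset can be inspected before flushing (is a blocking policy still in place?) and after (is anything left?). The function names and the DENY_SAMPLE and CLEAN_SAMPLE listings are constructed for illustration; PAGE_OUTPUT is the listing shown above.

```sh
#!/bin/sh
# Classify `iptables -S` output read from stdin. `iptables -S` lists only the
# filter table; run it again with -t nat / -t mangle for those tables.
#   lockout-risk  INPUT or OUTPUT policy is not ACCEPT: flushing now removes
#                 the allow rules and leaves only the blocking policy
#   residual      rules, user-defined chains or a non-ACCEPT FORWARD policy remain
#   clean         all policies ACCEPT, no rules, no user-defined chains
#   unknown       no policy lines seen (empty or unexpected input)
classify_ruleset() {
    awk '
        $1 == "-P" {
            policies++
            if ($3 != "ACCEPT") { if ($2 == "FORWARD") leftover++; else lockout++ }
        }
        $1 == "-A" || $1 == "-N" { leftover++ }
        END {
            if (policies == 0)     print "unknown"
            else if (lockout > 0)  print "lockout-risk"
            else if (leftover > 0) print "residual"
            else                   print "clean"
        }'
}

# Print the rules and user-defined chains that are still present.
leftover_rules() { grep -E '^-(A|N) ' || true; }

# Listing shown on this page: accept-all policies, one DROP rule still loaded.
PAGE_OUTPUT='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 9000 -j DROP'

# Constructed sample: default-deny firewall that only admits SSH.
DENY_SAMPLE='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

# Constructed sample: state after the full flush procedure.
CLEAN_SAMPLE='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'

# Live use (as root): iptables -S | classify_ruleset
for sample in "$DENY_SAMPLE" "$PAGE_OUTPUT" "$CLEAN_SAMPLE"; do
    printf '%s\n' "$sample" | classify_ruleset
done
```
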