Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I'm not in the mood for "why". I just want to know if there is a way to completely, permanently remove every single rule that has been added into iptables. If so, what is the command, as I really need it. I have tried iptables -F, -Z, -X, whatever it is; nothing seems to permanently remove it.
Oh, by "it" I meant all of the rules. I've tried iptables -F and iptables -X, but I'll try again. Well, it works, that much I know. However, when I try to restore my rules back using a config file, it puts back rules that had been previously added by an automated program (libvirt), even if I clear it from the file. The command I use to restore is iptables-restore </etc/firewall.rules and then I do iptables-save >/etc/firewall.rules. I will try it all again though.
EDIT: I guess I just can't use the iptables-save command anymore, as it puts back the stuff from libvirt. Guess I can only use iptables-restore... that stinks. iptables is really wonky.
Well, when you do iptables-save > /etc/firewall.rules you overwrite your original rules with whatever is in the tables at that time. When you then use that file with iptables-restore you reload them just like it was when saved - additional rules included. Whatever was originally in /etc/firewall.rules is... gone...
If you want to keep your original firewall rules intact, then try...
Code:
iptables-save >/etc/firewall.saved.rules
iptables-restore </etc/firewall.saved.rules
AND usually at boot, or to put back to a known state...
Code:
/etc/rc.d/rc.firewall start
which likely loads /etc/firewall.rules as a shell script.
Generally, the iptables-save/-restore format is not the same as a firewall script used to initialize iptables which is commonly /etc/firewall.rules, so overwriting that file with iptables-save will likely break your boot firewall script.
So to permanently delete any runtime-added rules, you must have the original iptables rules script available to run after iptables -F.
Last edited by astrogeek; 08-05-2015 at 06:13 PM.
Reason: typos, additional comment
Just remember, iptables-save and iptables-restore allow you to save state and restore a saved state. Restore does NOT restore an initial non-saved state, which might be confusing you.
The initial state is generally set by a shell script using iptables -N/-A/-I commands and is what you should manage for setting known states.
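As an added example that is not from this thread or any of its posters: a small POSIX sh script that applies the advice above. It keeps a hand-maintained baseline in iptables-save format, compares a live iptables-save dump against it to list the rules that were added at runtime (the drift the original poster was seeing), and resets the tables to the baseline. The file names, the rule contents and the virbr0 lines standing in for whatever libvirt adds are all constructed assumptions, not taken from any real system.

```shell
#!/bin/sh
# Added example (not from the thread): keep a version-controlled baseline in
# iptables-save format, detect runtime drift against it, and reset to it.
# All file names, rule contents and the "virbr0" rules below are constructed
# for illustration; the real rules an automated tool adds may differ.

# Constructed baseline: the known-good state you maintain by hand.
BASELINE='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT'

# Constructed runtime dump: what "iptables-save" might print after an
# automated tool appended its own rules (hypothetical virbr0 entries).
RUNTIME='# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [12:960]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [40:3200]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -i virbr0 -p udp --dport 53 -j ACCEPT
-A FORWARD -o virbr0 -j ACCEPT
COMMIT
# Completed'

# Strip comments, blank lines and the [packets:bytes] counters so two dumps
# compare as policy rather than as traffic statistics.
normalize_rules() {
  sed -e '/^#/d' -e '/^$/d' -e 's/ \[[0-9]*:[0-9]*\]$//'
}

# rules_drift BASELINE RUNTIME: print rule lines present at runtime but not in
# the baseline. Returns 0 when the two match, 1 when extra rules exist.
rules_drift() {
  _b=$(mktemp) && _r=$(mktemp) || return 2
  printf '%s\n' "$1" | normalize_rules | sort >"$_b"
  printf '%s\n' "$2" | normalize_rules | sort >"$_r"
  _extra=$(comm -13 "$_b" "$_r")
  rm -f "$_b" "$_r"
  if [ -n "$_extra" ]; then
    printf '%s\n' "$_extra"
    return 1
  fi
  return 0
}

# drift_count BASELINE RUNTIME: number of unexpected rule lines (0 = clean).
drift_count() {
  rules_drift "$1" "$2" | grep -c . || true
}

# reset_to_known_state FILE: the "permanent" reset the thread asks for.
# iptables-restore only replaces the tables named in FILE, so every table is
# flushed first. Needs root and a real netfilter stack, so it is not run here.
reset_to_known_state() {
  for t in filter nat mangle raw; do
    iptables -t "$t" -F && iptables -t "$t" -X && iptables -t "$t" -Z
  done
  iptables-restore <"$1"
}

# Demonstration on the constructed data: lists the two virbr0 lines, then "2".
rules_drift "$BASELINE" "$RUNTIME" || echo "drift detected: reset from the baseline file"
drift_count "$BASELINE" "$RUNTIME"
```

On a real host you would feed the output of iptables-save to rules_drift instead of the constructed RUNTIME string, and the baseline file passed to reset_to_known_state must be the one you maintain, never a dump taken after the automated tool has run, since that is exactly how the poster's saved file ended up carrying the libvirt rules.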