LinuxQuestions.org
Old 06-27-2014, 06:30 AM   #1
battles
Member
 
Registered: Apr 2014
Distribution: Debian GNU/Linux 7.5 (wheezy)
Posts: 258

Rep: Reputation: Disabled
DNAT deletion


I was experimenting with iptables and I have two PREROUTING records I need to now delete. I have looked for some time on how to delete these, but can't seem to do it. I need to delete both the INPUT and OUTPUT DNAT strings.


iptables -t nat -L -n -v --line-numbers
-----------------------------

Chain PREROUTING (policy ACCEPT 5207 packets, 301K bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DNAT tcp -- eth0 * 0.0.0.0/0 65.49.14.58 tcp dpt:80 to:188.40.76.149:80

Chain INPUT (policy ACCEPT 5202 packets, 301K bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 24680 packets, 1670K bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DNAT all -- * * 0.0.0.0/0 65.49.14.58 /* Test redirect */ to:188.40.76.149

Chain POSTROUTING (policy ACCEPT 24680 packets, 1670K bytes)
num pkts bytes target prot opt in out source destination
 
Old 06-28-2014, 01:31 AM   #2
GaWdLy
Member
 
Registered: Feb 2013
Location: San Jose, CA
Distribution: RHEL/CentOS/Fedora
Posts: 457

Rep: Reputation: Disabled
What have you tried so far and what happened when you tried it?

I think 'iptables -t nat -D INPUT 1' and 'iptables -t nat -D OUTPUT 1' might do the trick.

Posting from mobile, so I don't have a way to test right now.
 
Old 06-28-2014, 06:10 AM   #3
battles
Member
 
Registered: Apr 2014
Distribution: Debian GNU/Linux 7.5 (wheezy)
Posts: 258

Original Poster
Rep: Reputation: Disabled
This one worked:

iptables -t nat -D OUTPUT 1

got rid of:

Chain OUTPUT (policy ACCEPT 51527 packets, 3466K bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DNAT all -- * * 0.0.0.0/0 65.49.14.58 /* Test redirect */ to:188.40.76.149



This one:

iptables -t nat -D INPUT 1

Gets this error:

iptables: Index of deletion too big.



Through deduction, this was tried and worked:

iptables -t nat -D PREROUTING 1

got rid of:

Chain PREROUTING (policy ACCEPT 14 packets, 812 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DNAT tcp -- eth0 * 0.0.0.0/0 65.49.14.58 tcp dpt:80 to:188.40.76.149:80



I thought I had tried something like this, but it didn't work. It could be that the OUTPUT had to be deleted first.
Thanks for the help!
 
Old 06-28-2014, 09:08 AM   #4
GaWdLy
Member
 
Registered: Feb 2013
Location: San Jose, CA
Distribution: RHEL/CentOS/Fedora
Posts: 457

Rep: Reputation: Disabled
Happy to help!

Mark this sucker as solved.
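
Added example, not part of any post in the thread: in the listing from post #1 the port-80 DNAT rule sits in the nat table's PREROUTING chain and the INPUT chain is empty, which is why `-D INPUT 1` returned "Index of deletion too big". The sketch below reads a listing in the `iptables -t nat -L -n -v --line-numbers` format and prints the matching delete commands per chain without running them; the helper names and the sample addresses (documentation ranges) are assumptions.

```shell
# dnat_delete_cmds TO_ADDR  (hypothetical helper name)
# Reads a listing on stdin and prints one "iptables -t nat -D CHAIN NUM"
# per DNAT rule whose to: address is TO_ADDR (with or without :port).
# Commands are ordered highest rule number first within each chain,
# because deleting rule N renumbers every rule after it.
dnat_delete_cmds() {
    awk -v want="$1" '
        # "Chain PREROUTING (policy ...)" starts a new chain section
        $1 == "Chain" { chain = $2; next }
        # Rule rows start with a line number; column 4 is the target
        $1 ~ /^[0-9]+$/ && $4 == "DNAT" {
            for (i = 5; i <= NF; i++) {
                if ($i == ("to:" want) || index($i, "to:" want ":") == 1) {
                    print chain, $1
                    break
                }
            }
        }
    ' | sort -k1,1 -k2,2nr |
    while read -r chain num; do
        printf 'iptables -t nat -D %s %s\n' "$chain" "$num"
    done
}

# Constructed sample in the same column layout as the listing in post #1
# (addresses are placeholders, not the ones from the thread).
sample_listing() {
cat <<'EOF'
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DNAT tcp -- eth0 * 0.0.0.0/0 192.0.2.10 tcp dpt:80 to:198.51.100.7:80
2 0 0 DNAT tcp -- eth0 * 0.0.0.0/0 192.0.2.10 tcp dpt:22 to:198.51.100.9:22
3 0 0 DNAT tcp -- eth0 * 0.0.0.0/0 192.0.2.10 tcp dpt:443 to:198.51.100.7:443

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DNAT all -- * * 0.0.0.0/0 192.0.2.10 /* Test redirect */ to:198.51.100.7
EOF
}

# Dry run against the constructed sample
sample_listing | dnat_delete_cmds 198.51.100.7
```

On a live host the input would come from `iptables -t nat -L -n -v --line-numbers` itself; review the printed commands before running any of them.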
 
  


All times are GMT -5. The time now is 11:30 PM.
