LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
Reload this Page about iptables
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
Page 2 of 2 1 2
  Search this Thread
Old 01-29-2014, 02:34 AM   #16
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 3,340

Rep: Reputation: Disabled

If you've run iptables -A INPUT -j DROP, you've added a rule, not altered the chain policy.

To remove a single rule, you must know its number in the chain. The command iptables -L INPUT --line-numbers will produce a numbered list of the rules in the INPUT chain.

Once you know the number, you can delete the rule with iptables -D INPUT <number>. Replace <number> with the relevant number as shown in the list.
 
Old 02-06-2014, 07:57 PM   #17
byran cheung
Member
 
Registered: Sep 2013
Posts: 321

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Ser Olmy View Post
If you've run iptables -A INPUT -j DROP, you've added a rule, not altered the chain policy.

To remove a single rule, you must know its number in the chain. The command iptables -L INPUT --line-numbers will produce a numbered list of the rules in the INPUT chain.

Once you know the number, you can delete the rule with iptables -D INPUT <number>. Replace <number> with the relevant number as shown in the list.
thx reply ,

Your method works fine to remove the chain rules that with line number , but I find that the DROP policy do not have line number , would advise what can I do ? thanks

#/sbin/iptables -L -v
Chain INPUT (policy DROP 4996 packets, 589K bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- virbr0 any anywhere anywhere tcp dpt:domain
0 0 ACCEPT udp -- virbr0 any anywhere anywhere udp dpt:bootps
 
Old 02-07-2014, 02:42 AM   #18
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 3,340

Rep: Reputation: Disabled
The policy doesn't have a rule number, because it's the chain policy, not a rule.

You change the policy with
Code:
iptables -P <CHAIN> <ACTION>
where <CHAIN> is the name of the chain (say, INPUT) and <ACTION> is either ACCEPT or DROP. The policy cannot be deleted.
 
  


Reply
Page 2 of 2 1 2



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables error in android: iptables-save and iptables-restore not working preetb123 Linux - Mobile 5 04-11-2011 01:56 PM
On what basis CHAIN integer values are generated in IPtables under iptables file? haariseshu Linux - Server 3 11-05-2009 04:25 AM
iptables v1.2.9: Unknown arg `/sbin/iptables' Try `iptables -h' or 'iptables --help' Niceman2005 Linux - Security 4 12-29-2005 08:20 PM
Iptables - Couldn't load target `ACCPET':/lib/iptables/libipt_ACCPET.so: z00t Linux - Security 3 01-26-2004 02:24 AM
My iptables script is /etc/sysconfig/iptables. How do i make this baby execute on boo ForumKid Linux - General 3 01-22-2002 07:36 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 04:53 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration