How to Delete Iptables Rule

November 8, 2022

Introduction

iptables is a Linux firewall utility that protects your local network from untrusted sources. This firewall is based on chains that use rules to restrict or allow traffic to the machine.

This tutorial will teach you how to list and delete iptables rules. 


Prerequisites

List iptables Rules

The sections below show how to list rules by specifications or in a table. The output is the same, but the data is formatted differently. Moreover, the results can also be filtered to show rules for specific chains only.

List iptables Rules Based on Specifications

The standard command to list rules based on specifications is:

sudo iptables -S

The output prints the rules as a list of specifications. To list only the rules of a specific chain, add the chain's name:

sudo iptables -S OUTPUT

List Rules as a Table

To list all the iptables rules in a table, sorted by chains, use:

sudo iptables -L

The output shows rules sorted by three chains: INPUT, FORWARD, and OUTPUT. Use the chain name with the command to print the details for that chain:

sudo iptables -L INPUT

List Packet Counts

Listing rules in a table or by specifications displays chain name, default policy, target, protocol, IP option, and source and destination IP addresses.

However, adding the -v (verbose) argument to -L prints additional information, such as the number of packets that have matched each rule and their total size in bytes.

To accomplish this, execute:

sudo iptables -L -v

The command prints two more columns, bytes and pkts. The -L and -v arguments also work when applied on a single chain. For instance:

sudo iptables -L INPUT -v

Reset Packet Counts

The simplest way to reset the iptables packet and byte counters is to reboot the system. Another option is the -Z (zero) argument:

sudo iptables -Z

This command clears the counters in all chains.

Delete iptables Rules

The -D argument deletes a specific rule. The -F option removes all rules in a chain. Use one of the methods below to delete rules by specification or by chain and line number, or to flush an entire chain.

Delete iptables Rules by Specifications

Use -D with a rule specification to remove that specific rule. To make the process more straightforward, run the command with the -S argument first.

sudo iptables -S

The output lists all iptables rules and specifications. Choose a rule to delete and copy/paste the specification into the following command:

sudo iptables -D [specification]

Warning: When copying the specification, omit the -A option. The rest of the specification must match the existing rule exactly; otherwise iptables reports that no matching rule exists in that chain.

For example, to delete the -A INPUT -j DROP rule from the list, execute:

sudo iptables -D INPUT -j DROP

The command prints no output, but to verify the result, run sudo iptables -S again:


The output shows that the -A INPUT -j DROP rule and specifications are not on the list anymore.

Delete Rules by Chains and Numbers

A more straightforward way to delete rules is to use the rule's line number within its chain. First, list the iptables rules as a table, but add the --line-numbers argument:

sudo iptables -L --line-numbers

The output also shows three chains: INPUT, FORWARD, and OUTPUT, and adds line numbers for every rule listed under each chain.

To delete a specific rule, include the chain name and the line number:

sudo iptables -D [CHAIN] [LINE_NUMBER]

For instance, to delete a rule with line number 5 from the INPUT chain, execute:

sudo iptables -D INPUT 5

The -D option doesn't show any output, but iptables -L --line-numbers verifies the outcome. Note that the remaining rules in the chain are renumbered after each deletion, so list the chain again before deleting another rule by number.

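The two deletion methods above share two pitfalls: a copied -A specification must be turned into a -D command, and line numbers shift after every deletion. The following POSIX sh helpers, added here as an example and not part of the original tutorial, work on a constructed sample of iptables -S output (no root or iptables binary needed) and only print the commands an administrator would review before running.

```shell
#!/bin/sh
# Added example: derive "iptables -D" commands from "iptables -S" output and
# order line-number deletions highest-first. Nothing here touches the firewall.

# Constructed sample of what `sudo iptables -S INPUT` might print on a host
# with three rules. The -P line is the chain policy, not a deletable rule.
SAMPLE_RULES='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP'

# spec_to_delete_cmd: given one "-A CHAIN ..." line, print the matching
# "iptables -D CHAIN ..." command (the -A is dropped, the rest is kept as-is).
# Policy (-P) and chain-creation (-N) lines print nothing, since -D does not
# apply to them.
spec_to_delete_cmd() {
    case "$1" in
        "-A "*) printf 'iptables -D %s\n' "${1#-A }" ;;
        *) ;;
    esac
}

# delete_cmds_for: print a delete command for every rule in SAMPLE_RULES whose
# specification contains the given pattern, e.g. "-j DROP".
delete_cmds_for() {
    pattern=$1
    printf '%s\n' "$SAMPLE_RULES" | while IFS= read -r line; do
        case "$line" in
            *"$pattern"*) spec_to_delete_cmd "$line" ;;
        esac
    done
}

# sorted_line_deletes: given a chain name and rule numbers taken from
# "iptables -L CHAIN --line-numbers", print "iptables -D CHAIN N" commands from
# the highest number down, so each deletion leaves the lower numbers valid.
sorted_line_deletes() {
    chain=$1
    shift
    for n in "$@"; do printf '%s\n' "$n"; done | sort -rn | while read -r n; do
        printf 'iptables -D %s %s\n' "$chain" "$n"
    done
}

# Usage (prints the commands, does not execute them):
delete_cmds_for '-j DROP'
sorted_line_deletes INPUT 2 5 3
```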

Delete All Rules in a Chain (Flush Chain)

Flush a chain with -F to remove all of its rules and leave it empty. Without a chain name, -F flushes every chain in the table at once.

To flush a single chain, use -F with the chain name. In this example, listing the OUTPUT chain (sudo iptables -S OUTPUT) shows four rules.

Flush the entire OUTPUT chain and delete all of its rules with the following:

sudo iptables -F OUTPUT

The command doesn't print any output. Therefore, verify the outcome by listing the chain again with sudo iptables -S OUTPUT.

Flush All Chains

Flushing all chains removes all iptables rules and disables the firewall. Follow this process only when starting or restarting the firewall configuration.

Take the following steps:

1. Change the default policy for every built-in chain to ACCEPT to avoid getting shut out via SSH with:

sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT

2. Flush the mangle and nat tables with:

sudo iptables -t mangle -F
sudo iptables -t nat -F

3. Remove all user-defined (non-default) chains. Note that -X only deletes chains that are empty and not referenced by any rule:

sudo iptables -X

4. Flush all chains with:

sudo iptables -F

Note that none of these commands prints any output. To verify that all chains are flushed, run sudo iptables -L --line-numbers again:


Conclusion

After this tutorial, you know how to list and delete iptables rules. Next, read this complete iptables tutorial for even more info.

Sara Zivanov
Sara Zivanov is a technical writer at phoenixNAP who is passionate about making high-tech concepts accessible to everyone. Her experience as a content writer and her background in Engineering and Project Management allows her to streamline complex processes and make them user-friendly through her content.