iptables question

kevster

Can anyone tell me what

sudo iptables -F does?

I was looking to disable iptables just now *I know it's not a great idea, however it's my choice*

I looked on a forum and it started off with that. As soon as I did that then boom! Hell let loose. I was kicked from the server lol. I now have to boot it into rescue mode, however what does sudo iptables -F do?

And how can I disable iptables permanently?

Thanks,
Kevin.
 
iptables -F = Flushes the selected chain, which effectively deletes every rule in the chain. If no chain is specified, this command flushes every rule from every chain.
 
This will disable it as well.

# service iptables save
# service iptables stop
# chkconfig iptables off
 
You can try this:
hxxp://www.cyberciti.biz/faq/linux-howto-disable-remove-firewall/

If your OS is Ubuntu (Debian based), when executing iptables -F from a remote PC (SSH) you will be disconnected.

Solution: you must create a file, e.g. stop_fw.sh, and fill it with:
# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X
# iptables -P INPUT ACCEPT
# iptables -P OUTPUT ACCEPT

Then chmod +x stop_fw.sh and run the script:

# ./stop_fw.sh
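
An added example (not from any poster in this thread): `iptables -F` deletes rules but leaves each chain's default policy in place, so a chain whose policy is DROP blocks everything once its ACCEPT rules are gone. The script below reads `iptables-save` output and prints, without running them, the policy changes to make before the flush; the function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# List the filter-table chains whose default policy is DROP.
# Input: `iptables-save` output on stdin. Output: one chain name per line.
drop_policy_chains() {
    awk '
        /^\*/ { table = substr($1, 2) }       # "*filter" starts a table section
        table == "filter" && /^:/ {           # ":INPUT DROP [0:0]" is a policy line
            if ($2 == "DROP") print substr($1, 2)
        }
    '
}

# Print (do not run) a flush that cannot strand a remote session:
# set every DROP chain to ACCEPT first, then flush the rules.
safe_flush_plan() {
    for chain in $(drop_policy_chains); do
        echo "iptables -P $chain ACCEPT"
    done
    echo "iptables -F"
}

# Constructed sample ruleset in iptables-save format (not from the thread).
SAMPLE_RULESET='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

# With this ruleset a bare "iptables -F" would leave INPUT at DROP with no
# rule allowing SSH; the plan opens the policies before flushing.
printf '%s\n' "$SAMPLE_RULESET" | safe_flush_plan
```

On a live host the input would come from `iptables-save` run as root instead of the embedded sample.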
 
OK, we ran this in rescue mode and it ain't resolved the issue. iptables is still blocking everything ever since we ran the iptables -F manually.

What can we do? Any ideas?
 
I have put the server back into rescue mode. Server is on CentOS.

It seems after we ran that and we rebooted, iptables still starts up and blocks everything.
 
This will disable it as well.

# service iptables save
# service iptables stop
# chkconfig iptables off

You will need to turn off iptables in the config as noted above or it will start again when rebooted as you have found.
 
We can guide you but we can't do it for you.... not sure what else to tell you... other than hire someone to do it for you maybe?
 
The service command won't work in rescue mode because rescue mode is a single-user mode and services don't run. Not even network services. So you really can't test iptables.

Flushing iptables should allow everything in.

Running CentOS or Red Hat Enterprise? If so find /etc/rc.d/rc3.d and find the link for iptables; it will look like this:
Code:
S08iptables
The number may be different.

Remove the link and replace it with a link named:
Code:
K92iptables
linking to the same place.

If you're not running CentOS or Red Hat, then I don't know how to do this.

Then when you restart your server normally, iptables will NOT start.

If you still can't login, you've broken something else besides iptables.

Jeff
 