clearing_iptables

Differences

This shows you the differences between two versions of the page.

clearing_iptables [2023/05/08 04:23] – -Clarity-intro, formatting hogwild
clearing_iptables [2023/05/08 04:48] – -formatting hogwild
Line 1: Line 1:
-===== Clearing iptables custom commands prior to re-applying new ones =====+===== Clearing iptables custom commands prior to applying new ones =====
  
-Let's say, for example, you want to use some custom iptables commands in a script/the firewall. This could actually apply to any recurring script (such as WAN Up).+Let's say, as an example, that you wanted to use some custom iptables commands in a script, such as the firewall scriptIn fact, the following principles would apply to any recurring script (such as "WAN Up").
  
-You can remove what previously added iptables directive with a simple approach:+ \\ You can remove previously-added iptables directives using a simple approach:
  
  \\  \\
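Review bot: The rewritten intro paragraph still does not say why clearing is needed. A recurring script such as "WAN Up" issues its -A/-I commands on every run and iptables does not deduplicate, so identical rules accumulate in the chain; one sentence stating that would motivate the "simple approach" line that follows. The heading also says "custom commands" while the body says "directives"; settle on one term, since what gets cleared are rules rather than commands. The leading " \\ " forced break on the "You can remove" line is layout only and could be replaced by a plain blank line.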
Line 11: Line 11:
  \\  \\
  
-This command here below will check what iptables **-A** (append) or **-I** (insert) have been used in the current Script/Firewall text area and force a run of the same command replacing any **-A** or **-I** with a **-D** (Delete) essentially removing any user added iptables directive. To be noted that for advanced iptables commands a user might have created custom tables, this is usually achieved via "**-N**" (new). You can apply the same principle as per above looking for **-N**Do remember that:+The commands below will check what iptables **-A** (append) or **-I** (insert) directives have been issued previously in the current Script/Firewall text. They will then force a run of the same commandreplacing any instance of **-A** or **-I** with a **-D** (Delete) command. In essence, this will reverse/remove any user-added iptables directives.
  
-  * you need to un-reference the custom table from the built in one first (as per approach above) +A user might have created custom tables in which to use advanced iptables commands. This is usually performed using the "**-N**" (new) command. The same principles described above will also apply to previously-issued directives which used the **-N command**. 
-  * table needs to be empties with **-F** (Flush) first e.g. **iptables -F $TABLE_NAME** + 
-  * only at this point you will be allowed to remove the table with **iptables -X $TABLE_NAME**.+ \\ Here are some rules to remember when using these commands: 
 + 
 +  * First, you need to dereference the custom table from the built-in one, using the above method. 
 +  * table must then be emptied with the **-F** (Flush) switch/parameter (for example, **iptables -F $TABLE_NAME **. 
 +  * Only at this point will you be allowed to remove the table with the command:  **iptables -X $TABLE_NAME** . 
 + 
 + \\
  
  
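Review bot: In the new **-N** paragraph and the three bullets, "custom tables" and $TABLE_NAME should read "custom chains" and, for example, $CHAIN_NAME: iptables -N creates a user-defined chain, and -F and -X flush and delete a chain, whereas the tables (filter, nat, mangle, raw) are fixed. The sentence "The same principles described above will also apply to previously-issued directives which used the -N command" also reads as if swapping -N for -D would undo it, but -D deletes a rule, not a chain; say instead that a chain created with -N is removed by the three bulleted steps. It is also worth stating next to the -A/-I paragraph that an insert written with a position number (-I CHAIN 1 ...) cannot be reversed by a plain swap to -D, because -D takes either a rule number or a rule specification, not both. In the second bullet the parenthesis opened at "(for example," is never closed and there is a stray space before the closing asterisks, and in the -N sentence the bold span takes in the word "command".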
clearing_iptables.txt · Last modified: 2023/05/08 04:49 by hogwild