===== Clearing iptables custom commands prior to applying new ones =====

As an example, let's say that you wanted to use some custom iptables commands in a script, such as the firewall script. (Actually, the following principles would apply to any recurring script, such as "WAN Up").

 \\ You can remove previously-added iptables directives using a simple approach:

 \\

''nvram get script_fire | grep -E '^iptables*' | sed 's/-A\|-I/-D/' | while read line; do exec ${line} &>/dev/null; done''

 \\

The commands below will check what iptables **-A** (append) or **-I** (insert) directives have been issued previously in the current Script/Firewall text. They will then force a run of the same command, replacing any instance of **-A** or **-I** with a **-D** (Delete) command. In essence, this will reverse/remove any previous user-added iptables directives.

You might have created custom tables in which to use advanced iptables commands. This is usually performed using the "**-N**" (new) command. The same principles described above will also apply to previously-issued directives which used the **-N command**.

 \\ Here are a few rules to remember when using these commands:

 \\

  * First, you need to dereference the custom table from the built-in one, \\ using the above method.
  * A table must then be emptied with the **-F** (Flush) switch/parameter \\ (for example: "**iptables -F $TABLE_NAME") **.
  * Only then will you be allowed to remove the table by using the command: \\ "**iptables -X $TABLE_NAME"**.

 \\