clearing_iptables

Differences

This shows you the differences between two versions of the page.

clearing_iptables [2023/05/08 04:23] – -Clarity-intro, formatting hogwild
clearing_iptables [2023/05/08 04:49] (current) – added "previous" hogwild
Line 1: Line 1:
-===== Clearing iptables custom commands prior to re-applying new ones =====+===== Clearing iptables custom commands prior to applying new ones =====
  
-Let's say, for example, you want to use some custom iptables commands in a script/the firewall. This could actually apply to any recurring script (such as WAN Up).+Let's say, as an example, that you wanted to use some custom iptables commands in a script, such as the firewall scriptIn fact, the following principles would apply to any recurring script (such as "WAN Up").
  
-You can remove what previously added iptables directive with a simple approach:+ \\ You can remove previously-added iptables directives using a simple approach:
  
  \\  \\
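Review bot: The reworded intro paragraph ("the following principles would apply to any recurring script") still does not say why clearing is needed: each run of a script containing `-A` or `-I` adds the rule again, so duplicates accumulate unless the earlier copies are deleted first. One sentence to that effect would justify the procedure, and it would also restore what the heading loses in going from "re-applying" to "applying", since the case described is a script that runs more than once. Separately, the added line `\\ You can remove previously-added iptables directives using a simple approach:` opens with a forced line break used only for spacing; a blank line between paragraphs gives the same separation without layout markup in the text.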
Line 11: Line 11:
  \\  \\
  
-This command here below will check what iptables **-A** (append) or **-I** (insert) have been used in the current Script/Firewall text area and force a run of the same command replacing any **-A** or **-I** with a **-D** (Delete) essentially removing any user added iptables directive. To be noted that for advanced iptables commands a user might have created custom tables, this is usually achieved via "**-N**" (new). You can apply the same principle as per above looking for **-N**Do remember that:+The commands below will check what iptables **-A** (append) or **-I** (insert) directives have been issued previously in the current Script/Firewall text. They will then force a run of the same commandreplacing any instance of **-A** or **-I** with a **-D** (Delete) command. In essence, this will reverse/remove any previous user-added iptables directives.
  
-  * you need to un-reference the custom table from the built in one first (as per approach above) +A user might have created custom tables in which to use advanced iptables commands. This is usually performed using the "**-N**" (new) command. The same principles described above will also apply to previously-issued directives which used the **-N command**. 
-  * table needs to be empties with **-F** (Flush) first e.g. **iptables -F $TABLE_NAME** + 
-  * only at this point you will be allowed to remove the table with **iptables -X $TABLE_NAME**.+ \\ Here are some rules to remember when using these commands: 
 + 
 +  * First, you need to dereference the custom table from the built-in one, using the above method. 
 +  * table must then be emptied with the **-F** (Flush) switch/parameter (for example, **iptables -F $TABLE_NAME **. 
 +  * Only at this point will you be allowed to remove the table with the command:  **iptables -X $TABLE_NAME** . 
 + 
 + \\
  
  
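Review bot: The new paragraph on `-N` keeps calling what it creates a "custom table" ("A user might have created custom tables", `$TABLE_NAME` in the bullets), but `iptables -N` creates a user-defined chain; tables are the fixed sets such as filter, nat and mangle. Suggest "custom chains" and `$CHAIN_NAME` throughout, so that `-F` and `-X` are read as acting on a chain. The first added paragraph also states that replacing `-A` or `-I` with `-D` reverses any previous directive; that holds for `-A` and for `-I` without a position, but in a rule written as `-I CHAIN 1 ...` the number would be read by `-D` as a rule number, so the text should say to drop the position when converting. Two markup slips in the added lines: `**-N command**` should close the bold after `-N`, and `(for example, **iptables -F $TABLE_NAME **.` has a space before the closing `**` and no closing parenthesis.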
clearing_iptables.1683516211.txt.gz · Last modified: 2023/05/08 04:23 by hogwild