Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Can I remove multiple matching rules with the iptables --delete command

Tags:

linux

iptables

The iptables --append (-A) command allows you to add multiple identical rules, and you seem to have to run the same number of --delete (-D) commands to remove them again.

The iptables manpage says that the --delete command can delete one or more rules from the selected chain. How do I get the --delete command to remove all matching rules in a single operation?

In a script I can loop calling --delete until I get a non-zero exit status, but this seems crufty.

$ # Add two identical rules.
$ /sbin/iptables --append OUTPUT --protocol tcp --destination example.com --jump DROP
$ /sbin/iptables --append OUTPUT --protocol tcp --destination example.com --jump DROP
$ /sbin/iptables -L OUTPUT -v
Chain OUTPUT (policy ACCEPT 6 packets, 780 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       tcp  --  any    any     anywhere             93.184.216.119
    0     0 DROP       tcp  --  any    any     anywhere             93.184.216.119

$ # Delete a single rule - can this remove all rules?
$ /sbin/iptables --delete OUTPUT --protocol tcp --destination example.com --jump DROP
$ /sbin/iptables -L OUTPUT -v
Chain OUTPUT (policy ACCEPT 6 packets, 716 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       tcp  --  any    any     anywhere             93.184.216.119

I'm using iptables v1.4.18 on Amazon Linux (their EC2 base image)

like image 212
d5ve Avatar asked Jul 31 '14 09:07

d5ve


People also ask

How delete multiple iptables rules?

Delete All iptables rules (All chains) When you are looking to delete all rules in a chain, you can easily use flush option. Let us check how to use -F or --flush in this section. Be careful when deleting all rules as it may drop your ssh access to the server from the terminal.

Can I remove iptables?

Login to Management Console console using an SSH client (e.g. putty). Check iptables status ( which should be active). Check the applied iptables rules. Remove rule which enabled port 8080.

Are iptables rules permanent?

That is because iptables rules, by default, will not persist after a reboot. After configuring your system's iptables rules, there is one more important step thay you must do in order to make sure the rules are still there after a reboot.


1 Answers

I'm afraid you can't do it using just the iptables command line options. What you can do instead is use shell capabilities and xargs:

$ iptables [-t table] -S [chain] | grep [your pattern] | cut -d " " -f 2- | xargs -rL1 iptables [-t table] -D

For example, using your numbers above:

$ iptables -S OUTPUT | grep 93.184.216.119 | cut -d " " -f 2- | xargs -rL1 iptables -D

You can use it also for different tables:

$ iptables -t nat -S | grep 93.184.216.119 | cut -d " " -f 2- | xargs -rL1 iptables -t nat -D

I know this is an old question and probably won't be very helpful to OP, but maybe someone else will stumble upon this problem.

like image 152
bstd Avatar answered Sep 28 '22 03:09

bstd