How to: Linux flush or remove all iptables rules

by on June 20, 2005 · 9 comments· LAST UPDATED June 28, 2012

in , ,

Here is small script that does this. Debian or Ubuntu GNU/Linux does not comes with any SYS V init script (located in /etc/init.d directory) .

You create a script as follows and use it to stop or flush the iptables rules.

Please don't type rules at command prompt. Use the script to speed up work.

Procedure for Debian / Ubuntu Linux

A) Create /root/fw.stop /etc/init.d/fw.stop script using text editor such as vi:

#!/bin/sh
echo "Stopping firewall and allowing everyone..."
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

(B) Make sure you can execute the script:
# chmod +x /root/fw.stop

(C) You can run the script:
# /root/fw.stop

A note for RedHat and friends Linux user

Please note that RedHat enterprise Linux (RHEL) and Fedora / Centos Linux comes with pre-installed script, which can be used to stop the firewall:
#/etc/init.d/iptables stop
Sample outputs:

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 9 comments… read them below or add one }

1 JRivera September 20, 2008 at 1:06 pm

#/etc/init.d/iptables stop

Thank you that just saved me much time.

Reply

2 Phil Nutzmeyer September 11, 2009 at 6:26 pm

Thanks!!! It saved my time too!

Reply

3 noob December 26, 2009 at 4:26 pm

should i run update-rc.d on the script in init.d ?
Or will the script be run automatically when the system is booted up ?

thanx.

Reply

4 phpmonk March 22, 2010 at 11:48 am

iptables normally starts when you start system
‘/etc/init.d/iptables status’ should show you rules of iptables running.

Reply

5 Relax June 6, 2011 at 8:32 am

iptables –flush
iptables –delete-chain
iptables –table nat –flush
iptables –table filter –flush
iptables –table nat –delete-chain
iptables –table filter –delete-chain

Reply

6 rocksfrow October 26, 2011 at 4:20 am

In CentOS 5 I easily disable iptables after installation as root:

#service iptables stop
#chkconfig iptables off

chkconfig ensures iptables doesn’t start up next boot.

Reply

7 Price October 5, 2012 at 3:39 pm

I have Fire iptables -F
Now My VPS is not Responding I’m Thrown out of the VPS I have no Access to it Please Help

Reply

8 sholan February 6, 2014 at 3:33 pm

The problem is that those scripts are meant to be started not by a user and specially not line by line.

The first command, iptables -F, flushes all chains of default table i.e. INPUT, OUTPUT and FORWARD, using any remote connection implies you’re using both INPUT and OUTPUT chains.

If those chains have a DROP policy, you won’t be able to contact your server remotely anymore.

To ensure note having problem, I would recommend to execute iptables -P ACCEPT commands stated at the end of the script first as it will first set your remote computer to accept connections by default.

I know that this comment is more than a year old, but ppl could still have this issue.

@NIXCraft, I would recommend to modify the script (you’re going permissive anyway) or, at least, warn people about this issue that is more than likely to occur.

Reply

9 Nivas August 21, 2013 at 11:58 am

Hi,

Im getting the following error:

Stopping iptables: ERROR: Module ipt_addrtype does not exist in /proc/modules

Reply

Leave a Comment

Tagged as: , , , , , , , , , , ,

Previous post:

Next post: