You need to use the iptables and ip6tables command on Linux machines. These commands are used to set up, maintain, and inspect the tables of IPv4 and IPv6 packet filter firewall rules in the Linux kernel. Let us see how to use the iptables command to delete the postrouting rule on the Linux system. You must be the root user to run the commands mentioned below.
Step 1 – List iptables postrouting rules on Linux
The syntax is as follows:
iptables -t nat -v -L POSTROUTING -n --line-number
OR
iptables -t nat -v -L -n --line-number
Sample outputs:
Fig.01: Linux iptables list nat rules command
- -t nat : Select nat table.
- -v : Verbose output.
- -L : List all rules in the selected chain i.e show all rules in nat table.
- -L POSTROUTING : List all rules in the POSTROUTING chain only.
- -n : Numeric output. In other words, IP addresses and port numbers will be printed in numeric format instead of DNS names. This will speed up listing rules.
- --line-number : When listing rules, add line numbers to the beginning of each rule, corresponding to that rule’s position in the chain. You need to use line numbers to delete nat rules from POSTROUTING chain.
Step 2 – Linux iptables delete postrouting nat rule (version 1)
The syntax is:
iptables -t nat -D POSTROUTING {number-here}
To delete rule # 5 i.e. the following rule:
5 40 3360 SNAT all -- * * 10.8.0.0/24 0.0.0.0/0 to:202.54.1.5
Type the following command:
iptables -t nat -D POSTROUTING 5
OR
iptables -t nat --delete POSTROUTING 5
Verify it, enter:
iptables -t nat -v -L POSTROUTING -n --line-number
Sample outputs:
Chain POSTROUTING (policy ACCEPT 94 packets, 6392 bytes) num pkts bytes target prot opt in out source destination 1 10 762 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0 2 0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0 3 0 0 MASQUERADE all -- * eth1 10.0.0.0/8 0.0.0.0/0 4 0 0 MASQUERADE all -- * eth1 10.0.0.0/8 0.0.0.0/0
Another syntax to remove specific postrouting rules from iptables (version 2)
Say, you execute the following postrouting command:
# iptables -t nat -A POSTROUTING -o eth1 -s 10.8.0.0/24 -j MASQUERADE
To delete, run the same above commands but replace the “-A” with “-D”
# iptables -t nat -D POSTROUTING -o eth1 -s 10.8.0.0/24 -j MASQUERADE
Another example, run the same commands but replace the “-I” with “-D“. For example:
# iptables -t nat -I POSTROUTING -s 10.8.0.0/24 -j SNAT --to 202.54.1.5
Becomes:
# iptables -t nat -D POSTROUTING -s 10.8.0.0/24 -j SNAT --to 202.54.1.5
OR
# iptables -t nat --delete POSTROUTING -s 10.8.0.0/24 -j SNAT --to 202.54.1.5
Related: Linux Iptables Delete prerouting Rule Command
Conclusion
You learned how to list and remove/delete iptables postrouting rules on Linux server. The above commands works on Debian, Ubuntu, CentOS, RHEL, Fedora and all other Linux distros. The -D or --delete option delete one or more rules from the selected chain. There are two versions of this command, the rule can be specified as a number in the chain (version 1) or a rule to match (version 2) as described above. See iptables man page for more info here and my tutorials for more info:
- Linux: 25 Iptables Netfilter Firewall Examples For New SysAdmins
- CentOS / Redhat Iptables Firewall Configuration Tutorial
- How to setup a UFW firewall on Ubuntu 16.04 LTS server
- How to setup a UFW firewall on Ubuntu 18.04 LTS server
- In-depth tutorial about setting up FirewallD on RHEL 8, CentOS 8, or OpenSUSE 15.1
🐧 0 comments... add one ↓
Category | List of Unix and Linux commands |
---|---|
File Management | cat |
Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
Network Utilities | dig • host • ip • nmap |
OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
Package Manager | apk • apt |
Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
Searching | grep • whereis • which |
User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |