Linux iptables delete prerouting rule command

See all GNU/Linux related FAQ
I am a new Linux server sysadmin. I need to delete the PREROUTING rule. How do I delete the prerouting rule on Linux server?

You need to use the iptables command and ip6tables command. These commands are used to set up, maintain, and inspect the tables of IPv4 and IPv6 packet filter rules in the Linux kernel. Let us see how to use the iptables command to delete the pretrouting rule on the Linux system. You must be the root user to run these commands.
Tutorial details
Difficulty level Easy
Root privileges Yes
Requirements Linux terminal
Category Firewall
Prerequisites iptables command
OS compatibility AlmaLinux Alpine Arch CentOS Debian Fedora Linux Mint openSUSE Pop!_OS RHEL Rocky Stream SUSE Ubuntu
Est. reading time 4 minutes

Step 1 – List the pretrouting rules

The syntax is as follows:
$ sudo iptables -t nat -v -L PREROUTING -n --line-number
OR
$ sudo iptables -t nat -v -L -n --line-number
Iptables list the pretrouting rules on Linux
Where,

  • -t nat : Select nat table.
  • -v : Verbose output.
  • -L : List all rules in the selected chain. In other words, show all rules in nat table.
  • -L PREROUTING – Display rules in PREROUTING chain only.
  • -n : Numeric output. IP addresses and port numbers will be printed in numeric format.
  • --line-number : When listing rules, add line numbers to the beginning of each rule, corresponding to that rule’s position in the chain. You need to use line numbers to delete nat rules.

Step 2 – Iptables delete prerouting nat rule

The syntax is:
$ sudo iptables -t nat -D PREROUTING {rule-number-here}
To delete rule # 1 i.e. the following rule:

1    15547  809K DNAT       tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:10.147.164.8:80

Type the following command:
$ sudo iptables -t nat -D PREROUTING 1
OR
$ sudo iptables -t nat --delete PREROUTING 1
Verify that rule has been deleted from the PREROUTING chain , enter:
$ sudo iptables -t nat -v -L PREROUTING -n --line-number

Linux iptables remove prerouting command

Here is another DMZ rule:
$ sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 10.147.164.8:443
To remove prerouting command, run:
$ sudo iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 10.147.164.8:443
Make sure you save updated firewall rules, either modifying your shell scripts or by running iptables-save command as described here.

Related
Also, check all our complete firewall tutorials for Alpine Linux Awall, CentOS 8, OpenSUSE, RHEL 8, Debian 12/11, Ubuntu Linux version 16.04 LTS/18.04 LTS/20.04 LTS, and 22.04 LTS.

Alternate syntax to remove specific PREROUTING rules from iptables

Say, you execute the following iptables PREROUTING command for port redirection:
$ sudo iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.147.164.8:443
To delete, run the same above command but replace the “-A” with “-D“:
$ sudo iptables -t nat -D PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.147.164.8:443
Another example, run the same command but replace the “-I” with “-D“. For example, say you have the following rule that redirect SSH (TCP 22) from port 2222 to port 22:
$ sudo iptables -t nat -I PREROUTING -p tcp --dport 2222 -j REDIRECT --to-ports 22
Becomes:
$ sudo iptables -t nat -D PREROUTING -p tcp --dport 2222 -j REDIRECT --to-ports 22
OR
$ sudo iptables -t nat --delete PREROUTING -p tcp --dport 2222 -j REDIRECT --to-ports 22

Linux Iptables Delete prerouting Rule command

Iptables delete prerouting rule command examples

Related: Linux Iptables Delete postrouting Rule Command

Conclusion

We explained to you how to list and remove/delete iptables pretrouting chain nat rules on your Linux based system. The -D or --delete option delete one or more rules from the selected chain. There are two versions of this command, the rule can be specified as a number in the chain or a rule to match as described above. See iptables man page here and following pages for more info:

Check iptables command examples and read the following manual pages using the man command/help command:
$ man iptables

🥺 Was this helpful? Please add a comment to show your appreciation or feedback.

nixCrat Tux Pixel Penguin
Hi! 🤠
I'm Vivek Gite, and I write about Linux, macOS, Unix, IT, programming, infosec, and open source. Subscribe to my RSS feed or email newsletter for updates.

2 comments… add one
  • Ruth Ballard Jun 3, 2021 @ 21:43

    This page saved me tons of headaches. Easy to understand and worked perfectly on my CentOS 7 server. 👍

    • Protective Shelter Sep 16, 2022 @ 20:00

      +1 i agree. nixcraft always stands out from all copy cat sites. all the best to vivek.

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Your comment will appear only after approval by the site admin.