Test Iptables Script Remotely

How do I test iptables based script remotely over ssh session? How do I avoid lock outs?

iptables do not have pf like testing option. However, you can use a shell script and cron combo or just use the following syntax:
# /sbin/service iptables restart; sleep 20; /sbin/service iptables stop &
This way you can recover from bad syntax error. If you have your own script:
# /path/to/your.script.sh; sleep 20; /sbin/service iptables stop &
Above will allow you to test changes for a while and then turn off firewall completely. You will be able to login again using ssh after 20 seconds if locked out.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Your support makes a big difference:

I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft takes a lot of my time and hard work to produce. If everyone who reads nixCraft, who likes it, helps fund it, my future would be more secure. You can donate as little as $1 to support nixCraft: