HowTo Disable The Iptables Firewall in Linux

I need to disable firewall in Linux for testing purpose. I’m using CentOS and RHEL version 4.4 / 5 / 6. How do I disable the firewall in Linux?

A Linux firewall is software based firewall that provides protection between your server (workstation) and damaging content on the Internet or network. It will try to guard your computer against both malicious users and software such as viruses/worms.

Task: Disable / Turn off Linux Firewall (Red hat/CentOS/Fedora Core)

Type the following two commands (you must login as the root user):
# /etc/init.d/iptables save
# /etc/init.d/iptables stop

Turn off firewall on boot:
# chkconfig iptables off

Task: Enable / Turn on Linux Firewall (Red hat/CentOS/Fedora Core)

Type the following command to turn on iptables firewall:
# /etc/init.d/iptables start
Turn on firewall on boot:
# chkconfig iptables on

Check out related media

See firewall start and stop video tutorial:

A note about other Linux distribution

If you are using other Linux distribution such as Debian / Ubuntu / Suse / Slakcware Linux etc., try the following generic procedure. First, save the current firewall rules, type:
# iptables-save > /root/firewall.rules
$ sudo iptables-save > /root/firewall.rules
Next, type the following commands (login as the root) as bash prompt:

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT

Or create a shell script as follows and run it to disable the firewall:

# reset.fw - Reset firewall
# set x to 0 - No reset
# set x to 1 - Reset firewall
# ---------------------------------------------------------------------------------------------------------------
# Added support for IPV6 Firewall
# ---------------------------------------------------------------------------------------------------------------
# Written by Vivek Gite <>
# ---------------------------------------------------------------------------------------------------------------
# You can copy / paste / redistribute this script under GPL version 2.0 or above
# =============================================================
# set to true if it is CentOS / RHEL / Fedora box
### no need to edit below  ###
if [ "$x" == "1" ];
	if [ "$RHEL" == "true" ];
	      # reset firewall using redhat script
		/etc/init.d/iptables stop
		/etc/init.d/ip6tables stop
		# for all other Linux distro use following rules to reset firewall
		### reset ipv4 iptales ###
		$IPT -F
		$IPT -X
		$IPT -Z
		for table in $(</proc/net/ip_tables_names)
			$IPT -t $table -F
			$IPT -t $table -X
			$IPT -t $table -Z
		### reset ipv6 iptales ###
		$IPT6 -F
		$IPT6 -X
		$IPT6 -Z
		for table in $(</proc/net/ip6_tables_names)
			$IPT6 -t $table -F
			$IPT6 -t $table -X
			$IPT6 -t $table -Z

To restore or turn on firewall type the following command:
# iptables-restore

GUI tools

If you are using GUI desktop firewall tools such as 'firestarter', use the same tool to stop the firewall. Visit:
System > Administration > firestarter > Click on Stop Firewall button:
Sample outputs:

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 28 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
28 comments… add one
  • mike Nov 23, 2007 @ 14:37

    you can get the status of iptables with the following

    service iptables status

    service iptables help gives:

    Usage: /etc/init.d/iptables {start|stop|restart|condrestart|status|panic|save}

    • hanumanaik Feb 9, 2011 @ 8:14

      how to insatall CentOS 4.3 in VMWere

      • Gregory May 3, 2011 @ 14:16

        Same as on a machine…

  • Photos of China Jul 4, 2008 @ 7:29

    I have this error on centOS

    /etc/init.d/iptables save
    Usage /etc/init.d/iptables {start|output_int|stop|restart|status}

  • 🐧 nixCraft Jul 4, 2008 @ 8:19

    Are you sure you got CentOS? Another option is
    iptables-save > /root/working.fw

  • Flash32 Oct 30, 2008 @ 16:06

    Thanks Guys!!!

  • Robert Dec 24, 2008 @ 15:32

    The easy way to do this is:

    chkconfig iptables off

    then to re-enable

    chkconfig –level 345 iptables on

  • joe Jan 5, 2009 @ 19:56

    on fedora, once you enabled firwalls/selinux during installation, I can never make nfs boot or ftp works. you can see firewall disabled, iptables disabled, yet no help. Either selinux or fedora GUI has bugs, what I get:
    Loading: TFTP error 2: Only absolute filenames allowed
    to our people, the selinux is a nightmare. forget what the system told you. selinux adds extension to file attributes then some garbage cannot be removed.

  • Amie Jan 7, 2009 @ 20:32

    Hi – first time here and really need some help!

    I gave my father in law a netbook for Xmas with Linux as an operating system but cannot connect to Sky broadband. Sky unable to help, any ideas??

  • Manu Anand Jan 9, 2009 @ 23:36

    Hey Amie:

    Try connecting with a ethernet cable.
    If that works then try KDE’s network manager.


  • Tomas Feb 27, 2009 @ 15:08

    Really Thanks

  • Ashwani Apr 9, 2009 @ 1:50

    Thanks for help….

    FTP can be accessed by stop IP tables.

  • mallikarjun goud Nov 15, 2009 @ 7:01

    how to stop iptables with out chkconfig iptables off command………………..plz help me out

  • Kapil Ahire Mar 17, 2010 @ 4:17

    Thanks All Of you

  • Alex Mar 30, 2010 @ 15:26


    I have a problem starting iptables:

    [root@myserver ~]# /etc/init.d/iptables start
    [root@myserver ~]# /etc/init.d/iptables status
    Firewall is stopped.

    [root@myserver ~]# rpm -q iptables

    Please help me solve this problem.

  • neha soni Apr 3, 2010 @ 11:06

    how can we stop the iptables service in ubuntu???
    i have tried “services iptables stop” but it is giving “unrecognized service”.
    is there any other command or method to do so???

    • Yogesh Kumar Apr 16, 2010 @ 5:19

      /etc/init.d/iptables status

      if running than to stop

      /etc/init.d/iptables stop

  • vijay Apr 17, 2010 @ 20:32

    I am very confused about iptables status.

    I stopped my iptables by running ” service iptables stop”, later on i checked wheter it is really running or not by running “service iptables status”. It shows me ” Firewall is disabled”. If I run iptables -L it shows me the list of INPUT/OUTPUT/FORWARD Chains. If again i will run ” service iptables status” it will show me againall chains. What it really means, does iptables start auutomatically when I type ” iptables -L”? Please reply lots of confusion!!!

    Thanks in advance.


  • maansingh Jun 22, 2010 @ 16:48

    dear sir ,
    how can i configure the firewall

  • quan Sep 13, 2010 @ 5:53

    I make iptable stop but not start it

    [root@FreeSX ~]# /etc/init.d/iptables start
    Applying iptables firewall rules: iptables-restore: line 1 failed
    [root@FreeSX ~]# /etc/init.d/iptables status
    Firewall is stopped.

    plz help me as soon as possible

  • Tyler Apr 19, 2011 @ 20:10

    Debian Stable doesn’t seem to have an init.d script, or the services application, or the chkconfig application. How does one start/stop/restart the iptables service on Debian?

  • jokish May 13, 2011 @ 15:35

    Thankss a lot ………………………….. gud to learn

  • ram Nov 6, 2011 @ 19:40

    To stop firewall during bootup aka permanently

    [root@ssd optimized]# chkconfig –list | grep iptables
    iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
    [root@ssd optimized]# chkconfig –level 345 iptables off
    [root@ssd optimized]# chkconfig –list | grep iptables
    iptables 0:off 1:off 2:on 3:off 4:off 5:off 6:off

  • Inversys Nov 12, 2011 @ 17:12

    Thanks for all.

  • Harshal Sep 5, 2012 @ 5:58


  • Brian Oct 19, 2012 @ 15:47

    For ubuntu/debian servers, it is better to run default policy change, “iptables -P INPUT ACCEPT” before “iptables -F”, otherwise you will lose current connections immediately if your default policy was set to DENY

    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD ACCEPT

    iptables -F
    iptables -X
    iptables -t nat -F
    iptables -t nat -X
    iptables -t mangle -F
    iptables -t mangle -X

    This should be applied to the script file too.

  • Bhagya Raj Jan 24, 2015 @ 6:42

    Thank You Very Much.

  • Mukundan Oct 15, 2015 @ 3:57

    Thanks. It helped me. :)

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum