Showing posts with label iptables. Show all posts
Showing posts with label iptables. Show all posts

Thursday, July 9, 2015

Delete a nat rule in iptables

First of all I list all the rules including line numbers like this;

iptables -L -t nat –line-numbers

I then look at the output that will be similar to the below

In this example lets say I want to delete rule number 2 in the PREROUTING chain, I would enter the following;

iptables -t nat -D PREROUTING 2

In English the above line means remove line number 2 from the PREOUTING chain, I would then run the first command again to check my iptables file, then save the iptables file and restart the iptables service.

iptables -L -t nat –line-numbers

service iptables save

service iptables restart

All the above is carried out running on Centos, you may have to edit slightly for your particular distribution.

Sunday, October 19, 2014

Failed to issue method call: Unit iptables.service failed to load In Centos7

In RHEL 7 / CentOS 7, firewalld was introduced to manage iptables. IMHO, firewalld is more suited for workstations than for server environments.

It is possible to go back to a more classic iptables setup. First, stop and mask the firewalld service:

systemctl stop firewalld
systemctl mask firewalld
Then, install the iptables-services package:

yum install iptables-services
Enable the service at boot-time:

systemctl enable iptables
Managing the service

systemctl [stop|start|restart] iptables
Systemctl doesn't seem to manage the save action like you were able to do in the past with service:

/usr/libexec/iptables/iptables.init save