How do I temporarily (or permanently) flush / wipe my iptables?
I am having connection issues with my server, and I want to know if it is related to my service or my firewall. I would like to flush my iptables to either audit my rules or start from scratch. How can I go about this?
First you'll want to backup your iptables rules in case you want to reload them or edit them later. You can do so with the following commands:
sudo iptables-save > /root/firewall.rules sudo ip6tables-save > /root/firewall6.rules
Then you can flush your firewall rules with the following commands:
sudo iptables -F sudo iptables -X sudo iptables -t nat -F sudo iptables -t nat -X sudo iptables -t mangle -F sudo iptables -t mangle -X sudo iptables -P INPUT ACCEPT sudo iptables -P OUTPUT ACCEPT sudo iptables -P FORWARD ACCEPT
Then you can check to see if you're still having an issue.
For reference if you need to restore the rules that we saved, you can do so with the following commands:
sudo iptables-restore < /root/firewall.rules sudo ip6tables-restore < /root/firewall6.rules
If you are using UFW, you may reset your UFW rules using the following command:
sudo ufw reset
UFW will automatically back up your existing rules, but in case you would prefer to do so yourself, you may back up your existing rules set by copying the following files to a secure, off-site location:
Once you reset your UFW rules, UFW will disable itself. Before re-enabling UFW, I strongly advise allowing SSH connections:
sudo ufw allow ssh
If you are using a non-standard SSH port, you should specify so manually like this:
sudo ufw allow 23819/tcp
Be sure to replace
23819 with the actual TCP port number your SSH connection is using.
Once you re-allow your SSH connection through UFW, you should be able to safely re-enable UFW without locking yourself out of your Linode:
sudo ufw enable
You should now be enjoying a clean slate of UFW firewall rules which you may customize as you so please. For more information on UFW, you may consult this article from our Documentation:
If you end up locking yourself out of your Linode, you may perform administrative tasks such as these from your Linode's Lish console using the information from this article:
I wanted to add a quick note to this for IPv6. When flushing the firewall, you should re-run the set of commands using
ip6tables to flush the IPv6 firewall, as well:
sudo ip6tables-save > ip6tables.bak sudo ip6tables -F sudo ip6tables -X sudo ip6tables -t nat -F sudo ip6tables -t nat -X sudo ip6tables -t mangle -F sudo ip6tables -t mangle -X sudo ip6tables -P INPUT ACCEPT sudo ip6tables -P FORWARD ACCEPT sudo ip6tables -P OUTPUT ACCEPT
I flushes the iptables, reset the ufw, still only ports open are 3:
There is another firewall that I don't know, that is blocking things.
Starting Nmap 7.60 ( https://nmap.org ) at 2022-01-13 23:14 -05
Nmap scan report for mail.agencia.click (22.214.171.124)
Host is up (0.0000070s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
Even activated the cloud firewall that open ports 21 and 25, but it is been ignoring this.
How could I disable that firewall? or all firewalls?