Did you make mistakes while setting up the firewall rules?
Or perhaps you want to delete the firewall rules and start from scratch?
If so, flushing the iptables rules will be useful for you.
In this guide, I will show you how you can flush iptables and clear firewall rules on Debian 12 step-by-step.
Note: I’ll be using Ubuntu 22.04 LTS for the demonstration, but the same steps apply to Debian 12 and other Linux distributions.
What You’ll Need
Check if you have the following in place before proceeding with the steps below:
- A Linux server with the OS installed (guide for Debian 12)
- Iptables installed (it should be installed by default; if not, follow this guide to install it)
- Familiarity with the command line interface and CLI commands (guide)
- Root account or sudo privileges (guide)
How to Flush the Iptables: Step-By-Step
Step 1: Check the Current iptables Rules
Before flushing any rule, you should list all the rules to prevent deleting an important rule.
Let me show you two ways to list iptables rules.
Both methods output the same information, so you can pick the method which is most convenient for you.
Option 1: Check Rules by Specification
- To list all rules as rule specifications (the arguments you would pass to recreate them), run the following command:
sudo iptables -S
- You can also add a chain name to this command to list only that chain. For example, adding INPUT shows only the INPUT chain. You can do the same with FORWARD, OUTPUT, or any user-defined chain you’ve created. Here’s the command:
sudo iptables -S INPUT
Note that the output above shows only the chain you specified.
Now, let’s see another way to list the rules.
Option 2: Check Rules in Table Format
For a more detailed and sorted view, you can list the rules in a table format by doing the following:
- To check the rules in tables, run the following command:
sudo iptables -L
- As with the previous method, you can limit the output to a specific chain by adding its name. See the command and example below:
sudo iptables -L INPUT
Again, by adding the chain name INPUT, the output is limited to only the INPUT chain.
Once you’ve checked the iptables rules to see if you’re not deleting any important rules, you are now ready to flush them.
Step 2: Flush the Iptables Rules
You can flush or delete the rules in multiple ways:
Option 1: Flush Using -F or --flush
- If you want to flush all iptables rules in the table, then use the following command:
sudo iptables -F
Without a chain name, this command removes every rule from every chain in the table (the filter table by default).
- If you don’t want to flush all rules and instead want to flush a single chain, add that chain name to the command like this:
sudo iptables -F INPUT
I’ve used the INPUT chain as an example, but depending on your needs, you can use any other chain.
- You can also flush an entire table rather than individual chains. The three main tables are filter, nat, and mangle. Specify the table with the -t option; if you omit it, the filter table is assumed. For example, to flush the nat table, run:
sudo iptables -t nat -F
Note: I specified the nat table with the -t flag and flushed it with the -F flag. Similarly, you can specify the other tables if that’s what you want.
Option 2: Flush Using -D or --delete
Other than flushing, you can also delete a single rule by its rule specification. You do that with the -D or --delete flag.
- To use this, append the rule specification after the -D flag. Suppose I want to delete a rule in the INPUT chain of the filter table that accepts incoming SSH traffic (TCP port 22). The command for that would be:
sudo iptables -D INPUT -p tcp --dport 22 -j ACCEPT
- So, all you have to do is add the rule specification after -D to delete it. To find the exact specification of a rule, refer back to Step 1 of this guide and list the rules with iptables -S.
Another way to use this -D flag is by specifying the line number of the rule.
- For that, you need the line number of the rule within its chain. Find it with this command:
sudo iptables -L --line-numbers
The output gains a column called num that numbers each rule in its chain sequentially.
- Note down the number of the rule you want to delete.
- Now, pass that number to the deletion command along with the chain name. So, if I wanted to delete the third rule in the INPUT chain, I would use its line number like this:
sudo iptables -D INPUT 3
That deletes the third rule in the INPUT chain.
Option 3: Flush User-Defined Chains
If you have any user-defined chains (not the built-in ones on your system), you can also delete them.
For these kinds of chains, you use the -X option.
To delete a user-defined chain, you must meet two criteria:
- No rule must reference the chain. If there is a referring rule, you must delete or modify that first.
- The chain must be empty and contain no rules.
If you have a custom chain that meets these requirements, you can delete it by doing the following:
- To delete a specific user-defined chain, add that chain name to the command like this:
sudo iptables -X my_custom_chain
Replace my_custom_chain with the name of the chain you want to delete.
- If you want to delete all user-defined chains, omit the chain name and run the command as-is; every user-defined chain that meets the two criteria above is removed:
sudo iptables -X
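As an added example (not from the original guide), the following POSIX shell script ties Step 1 to Step 2: it reads iptables -S output to report which user-defined chains satisfy both -X criteria, and shows a full reset that sets the built-in chain policies to ACCEPT before -F, since -F removes rules but leaves a DROP policy in place. The sample ruleset, the chain names SSH_GUARD and UNUSED_CHAIN, and the DRY_RUN variable are constructed for this example.

```shell
#!/bin/sh
# Added example, not part of the original guide. The ruleset below is a
# constructed stand-in for the output of `sudo iptables -S`.
SAMPLE_RULES='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-N SSH_GUARD
-N UNUSED_CHAIN
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j SSH_GUARD
-A SSH_GUARD -m limit --limit 3/min -j ACCEPT
-A SSH_GUARD -j DROP'
# List the user-defined chains (-N lines) in -S output read from stdin.
user_chains() { awk '$1 == "-N" { print $2 }'; }

# Report whether a chain meets both -X criteria: it holds no rules (-A CHAIN ...)
# and no rule in any chain jumps to it (-j CHAIN or -g CHAIN). Reads -S output on stdin.
chain_status() {
    awk -v c="$1" '
        $1 == "-A" && $2 == c { rules++ }
        $1 == "-A" { for (i = 3; i <= NF; i++)
                       if (($(i-1) == "-j" || $(i-1) == "-g") && $i == c) refs++ }
        END {
            if (rules && refs) print "busy: has rules and is referenced"
            else if (rules)    print "busy: has rules"
            else if (refs)     print "busy: referenced by another chain"
            else               print "deletable"
        }'
}

# Run a command, or only print it when DRY_RUN=1 so the sequence can be reviewed first.
run() { if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi; }

# Full reset of filter, nat and mangle. -F removes rules but leaves the chain
# policies untouched, so a DROP policy on INPUT would cut off a remote session
# the moment the ACCEPT rules disappear; open the policies first. Run as root.
safe_flush() {
    for chain in INPUT FORWARD OUTPUT; do run iptables -P "$chain" ACCEPT; done
    for table in filter nat mangle; do
        run iptables -t "$table" -F   # flush every chain in the table
        run iptables -t "$table" -X   # then drop the now-empty user-defined chains
    done
}

# Review before acting: show each custom chain's status, then preview the reset.
for c in $(printf '%s\n' "$SAMPLE_RULES" | user_chains); do
    printf '%-14s %s\n' "$c" "$(printf '%s\n' "$SAMPLE_RULES" | chain_status "$c")"
done
DRY_RUN=1 safe_flush
```

To use it against a live system, replace SAMPLE_RULES with the output of sudo iptables -S, review the printed commands, and only then run safe_flush with DRY_RUN unset.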
That brings us to the end of this guide.
Be cautious of using specific commands, as deleting certain rules can cause security vulnerabilities, service disruption, or even lock you out of the system!
So take your time and check each command before you hit the ‘Enter’ key.
If you’re interested in learning more about firewalls, check out our guide on how to set one up on your Linux system.
If this guide helped you, please share it.