Reset iptables to ACCEPT all (backup and remove all existing rules)

Published: 03-09-2016 | Author: Remy van Elst



Here's a small bash script that removes all iptables rules and sets up a default ACCEPT ALL state. Before the reset, it creates a backup of the current rules. I use this often to troubleshoot servers with networking issues. If you just blindly do an iptables -F you might lock yourself out of a server since the INPUT policy might be DROP.

Save the script to something like iptables-reset.sh and run it:

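    #!/bin/bash
    set -x # Echo each command as it runs
    set -e # Stop on error
    set -o noclobber # Don't overwrite files with redirection

    # Compute the backup name once so the message names the file actually written
    BACKUP="iptables.$(date +%s)"
    iptables-save > "$BACKUP"
    echo "iptables saved to $BACKUP"

    # Set ACCEPT policies first so flushing cannot lock you out
    iptables -P INPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -P OUTPUT ACCEPT

    # Flush all rules and delete user-defined chains in each table
    iptables -F
    iptables -X
    iptables -t nat -F
    iptables -t nat -X
    iptables -t mangle -F
    iptables -t mangle -X

    iptables -P INPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -P OUTPUT ACCEPT
    echo done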

It will not only save the current rules, but it will also echo out all the commands so you can see what happened in your terminal history.
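The backup is a plain iptables-save dump, so it can be checked before you rely on it. The following is an added example, not part of the original article: it reports which built-in chains had a non-ACCEPT policy (the lock-out case mentioned above) and whether every table in the dump is closed by COMMIT. The function names and the file name in the usage comment are hypothetical.

```shell
#!/bin/bash
# Added example: inspect a backup written by iptables-save.
# Reads only the file with awk; it never touches the live firewall.

# Print "table chain policy" for every built-in chain whose default policy
# is not ACCEPT. User-defined chains carry "-" as policy and are skipped.
non_accept_policies() {
    awk '
        /^\*/ { table = substr($1, 2); next }   # "*filter" starts a table
        /^:/  { chain = substr($1, 2)           # ":INPUT DROP [0:0]"
                if ($2 != "ACCEPT" && $2 != "-") print table, chain, $2 }
    ' "$1"
}

# Succeed only if the dump has at least one table and each one is closed by
# COMMIT (a truncated dump cannot be fed back to iptables-restore).
backup_is_complete() {
    awk '
        /^\*/      { if (inside) bad = 1; inside = 1; tables++ }
        /^COMMIT$/ { if (!inside) bad = 1; inside = 0 }
        END        { exit (bad || inside || tables == 0) ? 1 : 0 }
    ' "$1"
}

# Constructed sample dump in iptables-save format (not from a real host).
sample_dump() {
    cat <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:ssh-allow - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ssh-allow
-A ssh-allow -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
EOF
}

# Usage: ./check-backup.sh iptables.TIMESTAMP   (placeholder file name)
if [ -n "${1:-}" ]; then
    backup_is_complete "$1" || { echo "backup incomplete: $1" >&2; exit 1; }
    non_accept_policies "$1"
fi
```

A backup that passes the completeness check can be loaded again with iptables-restore < file.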

Tags: bash, blog, firewall, iptables