Reset iptables to ACCEPT all (backup and remove all existing rules)

03-09-2016 | Remy van Elst


Table of Contents


Here's a small bash script that removes all iptables rules and sets up a default ACCEPT ALL state. Before the reset, it creates a backup of the current rules. I use this often to troubleshoot servers with networking issues. If you just blindly do an iptables -F you might lock yourself out of a server since the INPUT policy might be DROP.

Save the script to something like iptables-reset.sh and run it:

#!/bin/bash
set -x # Echo
set -e # Stop on error
set -o noclobber # Dont overwrite files with redirection

iptables-save > iptables.$(date +%s)

echo "iptables saves to iptables.$(date +%s)"

iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

    echo done

It will not only save the current rules, but it will also echo out all the commands so you can see what happened in your terminal history.


Tags: bash, firewall, iptables,