Disable IPTables Temporary – Ubuntu, Debian, CentOS

Posted on by admin

If you can’t access some service on a remote Linux machine with enabled iptables, this may be caused by the firewall rules.

To troubleshoot connectivity issues, you can temporary disable iptables to see if it is causing them, and then re-enable it.

This short note shows how to temporary disable iptables on Linux (Ubuntu, Debian, CentOS, etc.) for maintenance or troubleshooting, and then re-enable it.

Disable IPTables Temporary

Become a root:

sudo su -

Make a backup of the current firewall rules:

iptables-save > /root/iptables.backup

To temporary disable the iptables, run the following commands:

# Accept all traffic to avoid SSH lockdown
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

# Delete all iptables chains, rules and counters
iptables -F
iptables -X
iptables -Z

# Delete all NAT, mangle and raw tables
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t raw -F
iptables -t raw -X

Now, if you list the iptables rules you should see the following:

iptables -L
- sample output -
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

To re-enable the iptables simply restore the rules:

iptables-restore < /root/iptables.backup

Cool Tip: Have disable the iptables but the needed application still doesn't work? Try to disable SELinux! Read more →

To temporary disable the IPv6 firewall, use all the above commands in the same order, but just replace all the iptables with ip6tables.

Backup the ip6tables firewall rules:

ip6tables-save > /root/ip6tables.backup

Temporary disable the ip6tables firewall:

# Accept all traffic to avoid SSH lockdown
ip6tables -P INPUT ACCEPT
ip6tables -P OUTPUT ACCEPT
ip6tables -P FORWARD ACCEPT

# Delete all iptables chains, rules and counters
ip6tables -F
ip6tables -X
ip6tables -Z

# Delete all NAT, mangle and raw tables
ip6tables -t nat -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -t mangle -X
ip6tables -t raw -F
ip6tables -t raw -X

Restore the ip6tables firewall:

ip6tables-save < /root/ip6tables.backup
Was it useful? Share this post with the world!
No comments yet
iptables

Leave a Reply