How to Remove and Add Rules to IP Tables Chains in Centos Linux

Occasionally our IP Tables at work will block us. I finally got tired of looking up how to resolve this and decided to document the fix on my blog. I'm not a System Administrator (but by de facto rule I am) and I'm definitely not an IP Tables expert, so follow at your own risk. Your IP Tables list is probably pretty long, so you'll want to pipe the output of iptables -L into a file to be viewed in VIM. This command will give you a rule number and a list. Be sure to note which chain the rule is in (i.e. INPUT, LOCALINPUT, LOCALOUTPUT, etc.).

Note, the -n switch just makes it not resolve host names in the file, which makes the iptables dump go WAY faster. Find the offending rule that you would like to remove and copy it somewhere. You'll probably want to perform a search in VIM for the IP address or hostname. To do this press Escape, then forward slash "/", type in the IP or hostname and press Enter.

In this case I found two rules (actual host name removed for security):

Let's remove these by specifying the rule number and the chain the rule is in. Clear your IP Tables dump file, and rerun the IP Tables list command to verify the rule is gone.

Now we probably want to prevent this from ever happening again, so let's add an allow rule for our hostname; simply replace "{hostname}" with your actual hostname. Once this step is complete, dump your IP Tables to a tmp file and verify the change. Then finally verify by actually connecting to the server. In my case, I verified by establishing an SSH connection to the server.
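The whole procedure above (list with rule numbers, find the rules that mention an address, delete them by chain and number, add an allow rule) can be scripted so you review the exact commands before running them as root. The script below is an added example and not code from the original post; the chain names and the blocked address 203.0.113.45 in the sample dump are constructed, and the `find_rules`, `delete_commands` and `allow_command` helper names are mine. It parses the format that `iptables -L -n --line-numbers` prints and generates the `iptables -D` and `iptables -I` commands rather than executing them.

```shell
#!/bin/sh
# Constructed sample of `iptables -L -n --line-numbers` output (not a real dump).
# For a live system: DUMP=$(iptables -L -n --line-numbers) as root.
SAMPLE_DUMP='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
2    DROP       all  --  203.0.113.45         0.0.0.0/0
3    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22

Chain LOCALINPUT (1 references)
num  target     prot opt source               destination
1    DROP       all  --  203.0.113.45         0.0.0.0/0
2    ACCEPT     all  --  198.51.100.7         0.0.0.0/0

Chain LOCALOUTPUT (1 references)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
2    DROP       all  --  0.0.0.0/0            203.0.113.45
'

# find_rules DUMP ADDRESS
# Prints "CHAIN RULENUM" for every rule whose source or destination column
# equals ADDRESS. Columns in -n output: num target prot opt source destination.
# "Chain X ..." header lines set the current chain; the "num target" header is
# skipped because its first field is not numeric.
find_rules() {
    printf '%s\n' "$1" | awk -v addr="$2" '
        /^Chain / { chain = $2; next }
        $1 ~ /^[0-9]+$/ && ($5 == addr || $6 == addr) { print chain, $1 }
    '
}

# delete_commands DUMP ADDRESS
# Emits one `iptables -D CHAIN RULENUM` per match. Within a chain the highest
# number is deleted first: deleting rule 2 renumbers rule 4 to 3, so deleting
# in ascending order would remove the wrong rule.
delete_commands() {
    find_rules "$1" "$2" | sort -k1,1 -k2,2nr | while read -r chain num; do
        printf 'iptables -D %s %s\n' "$chain" "$num"
    done
}

# allow_command HOST
# -I inserts at the top of INPUT so the ACCEPT is evaluated before any later
# DROP for the same host; -A would append it after the blocking rule.
allow_command() {
    printf 'iptables -I INPUT -s %s -j ACCEPT\n' "$1"
}

# Dry run against the sample: review the generated commands, then, on the real
# box, pipe the output of these functions into `sh` as root.
echo "# rules mentioning 203.0.113.45:"
find_rules "$SAMPLE_DUMP" 203.0.113.45
echo "# commands to run:"
delete_commands "$SAMPLE_DUMP" 203.0.113.45
allow_command "{hostname}"
```

After running the generated commands, re-dump with `iptables -L -n --line-numbers` and confirm the address no longer appears, then test the real connection (SSH, as in the post). The change lives only in the running kernel; on CentOS with the iptables init script it is persisted with `service iptables save`, otherwise it disappears at the next reboot or `service iptables restart`.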

Hope this helps someone. Respond with questions, comments, or enhancements to the process I used. Thanks.

Resources:
http://www.faqs.org/docs/iptables/commands.html
http://wiki.centos.org/HowTos/Network/IPTables


1 Comment

  • Chris says:

    Thanks, this procedure was exactly what I needed to remove a rule that got auto-added by one of our control panels (cPanel or WHM).

    Thanks again.