Delete specific matching iptables rule

I had the scenario where I needed to allow telnet access from a server to a device which blocked telnet by default, I added the rule on the device using

iptables -I INPUT 1 -p tcp -s 10.10.10.10 --dport 23 -j ACCEPT

Using INPUT 1 meant it was inserted as the first rule in the chain, so it would be evaluated before the one blocking all telnet. The problem came when it was time to delete the rule: there was no easy way to tell whether new rules had since been added to the top of the chain, meaning my rule was no longer number 1. To get round this I needed to delete the specific rule I had created, and this is how I did it. On the device I ran

iptables-save | grep 10.10.10.10

This output

-A INPUT -s 10.10.10.10/32 -p tcp -m tcp --dport 23 -j ACCEPT

To delete the rule, all I needed to do was replace the -A with -D (iptables -D matches on the full rule specification, and iptables-save prints it in the normalised form iptables expects, so copying that line is more reliable than guessing a rule number):

iptables -D INPUT -s 10.10.10.10 -p tcp -m tcp --dport 23 -j ACCEPT

Obviously tweak to suit your own situation.
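The same transformation, scripted, as an added example that is not part of the original post: it reads iptables-save text, keeps the -A lines that mention the address, and rewrites them into the matching iptables -D commands. The iptables-save output embedded below is constructed for the example, and the function names (delete_commands_for, safe_delete) are my own; the script only prints the delete commands rather than running them, so it can be run without root.

```shell
#!/bin/sh
# Added example, not from the original post. Converts iptables-save rule
# lines matching a source address into "iptables -D" delete commands.

# Constructed iptables-save output for the example: the ACCEPT rule that was
# inserted at position 1, followed by the rule that blocks telnet for everyone.
SAMPLE_SAVE='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 10.10.10.10/32 -p tcp -m tcp --dport 23 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 23 -j DROP
COMMIT'

# delete_commands_for <address>
# Reads iptables-save text on stdin and prints one "iptables -D ..." line for
# every "-A" rule that mentions the address. -F treats the dots literally
# (10.10.10.10 would otherwise also match 10x10x10x10); note that it still
# matches longer addresses such as 10.10.10.100, so check the output.
delete_commands_for() {
    grep -F -- "$1" | grep '^-A ' | sed 's/^-A /iptables -D /'
}

# safe_delete <rule spec...>
# Only deletes when the rule actually exists (iptables -C checks for it),
# so a typo in the spec fails loudly instead of silently doing nothing.
# Needs root and is not exercised by the example run below.
safe_delete() {
    iptables -C "$@" && iptables -D "$@"
}

# Example run: show the delete command(s) for the rule added for 10.10.10.10.
printf '%s\n' "$SAMPLE_SAVE" | delete_commands_for 10.10.10.10
```

Review the printed command before running it; once it looks right, run it (or pass the same specification, minus the leading "iptables -D", to safe_delete) as root on the device.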
