How to make sure that iptables is completely disable?
Clash Royale CLAN TAG#URR8PPP
up vote
2
down vote
favorite
I want to disable iptables completely. I followed the instruction like
/etc/init.d/iptables close
it said there No such file or directory
[root@dataapp02 tmp]# service iptables stop
Redirecting to /bin/systemctl stop iptables.service
Failed to stop iptables.service: Unit iptables.service not loaded.
And I found another command firewalld
[root@dataapp02 tmp]# service firewalld stop
Redirecting to /bin/systemctl stop firewalld.service
So far I am not sure iptables are disabled or not?
How do I check whether iptables disabled or not.
On my computer I can open
http://mirror.centos.org/centos/7/os/x86_64/repodata/repomd.xml
But on the on-premises computer with firewall, iptables and http proxy whitelist, it said the connection time out.
security iptables firewall
 |Â
show 6 more comments
up vote
2
down vote
favorite
I want to disable iptables completely. I followed the instruction like
/etc/init.d/iptables close
it said there No such file or directory
[root@dataapp02 tmp]# service iptables stop
Redirecting to /bin/systemctl stop iptables.service
Failed to stop iptables.service: Unit iptables.service not loaded.
And I found another command firewalld
[root@dataapp02 tmp]# service firewalld stop
Redirecting to /bin/systemctl stop firewalld.service
So far I am not sure iptables are disabled or not?
How do I check whether iptables disabled or not.
On my computer I can open
http://mirror.centos.org/centos/7/os/x86_64/repodata/repomd.xml
But on the on-premises computer with firewall, iptables and http proxy whitelist, it said the connection time out.
security iptables firewall
1
close iptables - what do you mean by close. You wish disable iptables completely or you wish to stop connections from your computer to outside world.
â MolbOrg
May 1 '16 at 23:56
Sorry, what I am saying is disable iptables completely.
â cdhit
May 2 '16 at 0:19
iptables --list | grep policy
try also without grep - take look if some rules are on and default policy. also take look that there is video, it may help you to get started. And this specially 2. Getting Started
â MolbOrg
May 2 '16 at 1:01
1
also this ubuntu question
â MolbOrg
May 2 '16 at 1:03
1
@cdhit it means iptables are enabled, mean they may work. Because of youriptables -L
results - it mean no filter rules applyed, so you may think that iptables do nothing at the moment, if you have connection. If you wish disable technical capabilitys for iptables to work, accepted answer in ubuntu question above is for you.
â MolbOrg
May 2 '16 at 13:43
 |Â
show 6 more comments
up vote
2
down vote
favorite
up vote
2
down vote
favorite
I want to disable iptables completely. I followed the instruction like
/etc/init.d/iptables close
it said there No such file or directory
[root@dataapp02 tmp]# service iptables stop
Redirecting to /bin/systemctl stop iptables.service
Failed to stop iptables.service: Unit iptables.service not loaded.
And I found another command firewalld
[root@dataapp02 tmp]# service firewalld stop
Redirecting to /bin/systemctl stop firewalld.service
So far I am not sure iptables are disabled or not?
How do I check whether iptables disabled or not.
On my computer I can open
http://mirror.centos.org/centos/7/os/x86_64/repodata/repomd.xml
But on the on-premises computer with firewall, iptables and http proxy whitelist, it said the connection time out.
security iptables firewall
I want to disable iptables completely. I followed the instruction like
/etc/init.d/iptables close
it said there No such file or directory
[root@dataapp02 tmp]# service iptables stop
Redirecting to /bin/systemctl stop iptables.service
Failed to stop iptables.service: Unit iptables.service not loaded.
And I found another command firewalld
[root@dataapp02 tmp]# service firewalld stop
Redirecting to /bin/systemctl stop firewalld.service
So far I am not sure iptables are disabled or not?
How do I check whether iptables disabled or not.
On my computer I can open
http://mirror.centos.org/centos/7/os/x86_64/repodata/repomd.xml
But on the on-premises computer with firewall, iptables and http proxy whitelist, it said the connection time out.
security iptables firewall
security iptables firewall
edited Feb 28 at 13:24
Kiwy
5,59543353
5,59543353
asked May 1 '16 at 21:13
cdhit
97313
97313
1
close iptables - what do you mean by close. You wish disable iptables completely or you wish to stop connections from your computer to outside world.
â MolbOrg
May 1 '16 at 23:56
Sorry, what I am saying is disable iptables completely.
â cdhit
May 2 '16 at 0:19
iptables --list | grep policy
try also without grep - take look if some rules are on and default policy. also take look that there is video, it may help you to get started. And this specially 2. Getting Started
â MolbOrg
May 2 '16 at 1:01
1
also this ubuntu question
â MolbOrg
May 2 '16 at 1:03
1
@cdhit it means iptables are enabled, mean they may work. Because of youriptables -L
results - it mean no filter rules applyed, so you may think that iptables do nothing at the moment, if you have connection. If you wish disable technical capabilitys for iptables to work, accepted answer in ubuntu question above is for you.
â MolbOrg
May 2 '16 at 13:43
 |Â
show 6 more comments
1
close iptables - what do you mean by close. You wish disable iptables completely or you wish to stop connections from your computer to outside world.
â MolbOrg
May 1 '16 at 23:56
Sorry, what I am saying is disable iptables completely.
â cdhit
May 2 '16 at 0:19
iptables --list | grep policy
try also without grep - take look if some rules are on and default policy. also take look that there is video, it may help you to get started. And this specially 2. Getting Started
â MolbOrg
May 2 '16 at 1:01
1
also this ubuntu question
â MolbOrg
May 2 '16 at 1:03
1
@cdhit it means iptables are enabled, mean they may work. Because of youriptables -L
results - it mean no filter rules applyed, so you may think that iptables do nothing at the moment, if you have connection. If you wish disable technical capabilitys for iptables to work, accepted answer in ubuntu question above is for you.
â MolbOrg
May 2 '16 at 13:43
1
1
close iptables - what do you mean by close. You wish disable iptables completely or you wish to stop connections from your computer to outside world.
â MolbOrg
May 1 '16 at 23:56
close iptables - what do you mean by close. You wish disable iptables completely or you wish to stop connections from your computer to outside world.
â MolbOrg
May 1 '16 at 23:56
Sorry, what I am saying is disable iptables completely.
â cdhit
May 2 '16 at 0:19
Sorry, what I am saying is disable iptables completely.
â cdhit
May 2 '16 at 0:19
iptables --list | grep policy
try also without grep - take look if some rules are on and default policy. also take look that there is video, it may help you to get started. And this specially 2. Getting Startedâ MolbOrg
May 2 '16 at 1:01
iptables --list | grep policy
try also without grep - take look if some rules are on and default policy. also take look that there is video, it may help you to get started. And this specially 2. Getting Startedâ MolbOrg
May 2 '16 at 1:01
1
1
also this ubuntu question
â MolbOrg
May 2 '16 at 1:03
also this ubuntu question
â MolbOrg
May 2 '16 at 1:03
1
1
@cdhit it means iptables are enabled, mean they may work. Because of your
iptables -L
results - it mean no filter rules applyed, so you may think that iptables do nothing at the moment, if you have connection. If you wish disable technical capabilitys for iptables to work, accepted answer in ubuntu question above is for you.â MolbOrg
May 2 '16 at 13:43
@cdhit it means iptables are enabled, mean they may work. Because of your
iptables -L
results - it mean no filter rules applyed, so you may think that iptables do nothing at the moment, if you have connection. If you wish disable technical capabilitys for iptables to work, accepted answer in ubuntu question above is for you.â MolbOrg
May 2 '16 at 13:43
 |Â
show 6 more comments
3 Answers
3
active
oldest
votes
up vote
0
down vote
iptables is a tool that allows you to control netfilter. You can't "disable" iptables but you can ensure that netfilter is not interfering with your network traffic.
Permit all traffic and flush all rules:
iptables -P INPUT ACCEPT # ensure that default policy is ACCEPT
iptables -F INPUT # flush all input rules
iptables -P FORWARD ACCEPT
iptables -F FORWARD
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -t nat -F PREROUTING # flush the NAT tables
iptables -t nat -F INPUT
iptables -t nat -F OUTPUT
iptables -t nat -F POSTROUTING
It's up to you to replicate the same pattern on the IPv6 stack (using ip6tables) and work out how to make these changes permanent. It could be iptables-save > /etc/iptables/rules.v4
(for v4) but not guaranteed.
add a comment |Â
up vote
0
down vote
My understanding is that what you seem to want is impossible (or very difficult). I don't think there's any easy way to truly remove the firewall functionality from the operating system. The best you can do, I think, is configure the OS to allow all network traffic.
The simplest, most straight-forward way I know of to accept all network traffic is to use the iptables-restore
and ip6tables-restore
commands to clear out all of the firewall rules and reset the policies to ACCEPT
. You can use a settings file such as the following:
# accept-all.iptables
# Clear all iptables rules
# Load using iptables-restore and ip6tables-restore
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
This format is read by iptables-restore
and written by iptables-save
.
You could then clear the IP4 rules using iptables-restore
as follows:
sudo iptables-restore accept-all.iptables
And you could clear the IP6 rules using ip6tables-restore
as follows:
sudo ip6tables-restore accept-all.iptables
Or you could do both at once:
cat accept-all.iptables
| tee >(ip6tables-restore)
| iptables-restore
The way to make these settings persist would depend on your OS. On Debian, for example, there is an iptables-persistent
package which was designed for this purpose.
add a comment |Â
up vote
-1
down vote
/sbin/iptables -L
Will list all the active rules.
2
Actually it won't. It will list all the rules in the (default)filter
table. There are also thenat
andmangle
andsecurity
tables.
â roaima
May 2 '16 at 9:30
This is the result ofiptables -L
. @symcbeanChain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
â cdhit
May 2 '16 at 9:34
add a comment |Â
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
iptables is a tool that allows you to control netfilter. You can't "disable" iptables but you can ensure that netfilter is not interfering with your network traffic.
Permit all traffic and flush all rules:
iptables -P INPUT ACCEPT # ensure that default policy is ACCEPT
iptables -F INPUT # flush all input rules
iptables -P FORWARD ACCEPT
iptables -F FORWARD
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -t nat -F PREROUTING # flush the NAT tables
iptables -t nat -F INPUT
iptables -t nat -F OUTPUT
iptables -t nat -F POSTROUTING
It's up to you to replicate the same pattern on the IPv6 stack (using ip6tables) and work out how to make these changes permanent. It could be iptables-save > /etc/iptables/rules.v4
(for v4) but not guaranteed.
add a comment |Â
up vote
0
down vote
iptables is a tool that allows you to control netfilter. You can't "disable" iptables but you can ensure that netfilter is not interfering with your network traffic.
Permit all traffic and flush all rules:
iptables -P INPUT ACCEPT # ensure that default policy is ACCEPT
iptables -F INPUT # flush all input rules
iptables -P FORWARD ACCEPT
iptables -F FORWARD
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -t nat -F PREROUTING # flush the NAT tables
iptables -t nat -F INPUT
iptables -t nat -F OUTPUT
iptables -t nat -F POSTROUTING
It's up to you to replicate the same pattern on the IPv6 stack (using ip6tables) and work out how to make these changes permanent. It could be iptables-save > /etc/iptables/rules.v4
(for v4) but not guaranteed.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
iptables is a tool that allows you to control netfilter. You can't "disable" iptables but you can ensure that netfilter is not interfering with your network traffic.
Permit all traffic and flush all rules:
iptables -P INPUT ACCEPT # ensure that default policy is ACCEPT
iptables -F INPUT # flush all input rules
iptables -P FORWARD ACCEPT
iptables -F FORWARD
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -t nat -F PREROUTING # flush the NAT tables
iptables -t nat -F INPUT
iptables -t nat -F OUTPUT
iptables -t nat -F POSTROUTING
It's up to you to replicate the same pattern on the IPv6 stack (using ip6tables) and work out how to make these changes permanent. It could be iptables-save > /etc/iptables/rules.v4
(for v4) but not guaranteed.
iptables is a tool that allows you to control netfilter. You can't "disable" iptables but you can ensure that netfilter is not interfering with your network traffic.
Permit all traffic and flush all rules:
iptables -P INPUT ACCEPT # ensure that default policy is ACCEPT
iptables -F INPUT # flush all input rules
iptables -P FORWARD ACCEPT
iptables -F FORWARD
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -t nat -F PREROUTING # flush the NAT tables
iptables -t nat -F INPUT
iptables -t nat -F OUTPUT
iptables -t nat -F POSTROUTING
It's up to you to replicate the same pattern on the IPv6 stack (using ip6tables) and work out how to make these changes permanent. It could be iptables-save > /etc/iptables/rules.v4
(for v4) but not guaranteed.
answered Feb 28 at 12:45
Pedro
60929
60929
add a comment |Â
add a comment |Â
up vote
0
down vote
My understanding is that what you seem to want is impossible (or very difficult). I don't think there's any easy way to truly remove the firewall functionality from the operating system. The best you can do, I think, is configure the OS to allow all network traffic.
The simplest, most straight-forward way I know of to accept all network traffic is to use the iptables-restore
and ip6tables-restore
commands to clear out all of the firewall rules and reset the policies to ACCEPT
. You can use a settings file such as the following:
# accept-all.iptables
# Clear all iptables rules
# Load using iptables-restore and ip6tables-restore
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
This format is read by iptables-restore
and written by iptables-save
.
You could then clear the IP4 rules using iptables-restore
as follows:
sudo iptables-restore accept-all.iptables
And you could clear the IP6 rules using ip6tables-restore
as follows:
sudo ip6tables-restore accept-all.iptables
Or you could do both at once:
cat accept-all.iptables
| tee >(ip6tables-restore)
| iptables-restore
The way to make these settings persist would depend on your OS. On Debian, for example, there is an iptables-persistent
package which was designed for this purpose.
add a comment |Â
up vote
0
down vote
My understanding is that what you seem to want is impossible (or very difficult). I don't think there's any easy way to truly remove the firewall functionality from the operating system. The best you can do, I think, is configure the OS to allow all network traffic.
The simplest, most straight-forward way I know of to accept all network traffic is to use the iptables-restore
and ip6tables-restore
commands to clear out all of the firewall rules and reset the policies to ACCEPT
. You can use a settings file such as the following:
# accept-all.iptables
# Clear all iptables rules
# Load using iptables-restore and ip6tables-restore
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
This format is read by iptables-restore
and written by iptables-save
.
You could then clear the IP4 rules using iptables-restore
as follows:
sudo iptables-restore accept-all.iptables
And you could clear the IP6 rules using ip6tables-restore
as follows:
sudo ip6tables-restore accept-all.iptables
Or you could do both at once:
cat accept-all.iptables
| tee >(ip6tables-restore)
| iptables-restore
The way to make these settings persist would depend on your OS. On Debian, for example, there is an iptables-persistent
package which was designed for this purpose.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
My understanding is that what you seem to want is impossible (or very difficult). I don't think there's any easy way to truly remove the firewall functionality from the operating system. The best you can do, I think, is configure the OS to allow all network traffic.
The simplest, most straight-forward way I know of to accept all network traffic is to use the iptables-restore
and ip6tables-restore
commands to clear out all of the firewall rules and reset the policies to ACCEPT
. You can use a settings file such as the following:
# accept-all.iptables
# Clear all iptables rules
# Load using iptables-restore and ip6tables-restore
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
This format is read by iptables-restore
and written by iptables-save
.
You could then clear the IP4 rules using iptables-restore
as follows:
sudo iptables-restore accept-all.iptables
And you could clear the IP6 rules using ip6tables-restore
as follows:
sudo ip6tables-restore accept-all.iptables
Or you could do both at once:
cat accept-all.iptables
| tee >(ip6tables-restore)
| iptables-restore
The way to make these settings persist would depend on your OS. On Debian, for example, there is an iptables-persistent
package which was designed for this purpose.
My understanding is that what you seem to want is impossible (or very difficult). I don't think there's any easy way to truly remove the firewall functionality from the operating system. The best you can do, I think, is configure the OS to allow all network traffic.
The simplest, most straight-forward way I know of to accept all network traffic is to use the iptables-restore
and ip6tables-restore
commands to clear out all of the firewall rules and reset the policies to ACCEPT
. You can use a settings file such as the following:
# accept-all.iptables
# Clear all iptables rules
# Load using iptables-restore and ip6tables-restore
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
This format is read by iptables-restore
and written by iptables-save
.
You could then clear the IP4 rules using iptables-restore
as follows:
sudo iptables-restore accept-all.iptables
And you could clear the IP6 rules using ip6tables-restore
as follows:
sudo ip6tables-restore accept-all.iptables
Or you could do both at once:
cat accept-all.iptables
| tee >(ip6tables-restore)
| iptables-restore
The way to make these settings persist would depend on your OS. On Debian, for example, there is an iptables-persistent
package which was designed for this purpose.
answered Feb 28 at 15:40
igal
4,870930
4,870930
add a comment |Â
add a comment |Â
up vote
-1
down vote
/sbin/iptables -L
Will list all the active rules.
2
Actually it won't. It will list all the rules in the (default)filter
table. There are also thenat
andmangle
andsecurity
tables.
â roaima
May 2 '16 at 9:30
This is the result ofiptables -L
. @symcbeanChain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
â cdhit
May 2 '16 at 9:34
add a comment |Â
up vote
-1
down vote
/sbin/iptables -L
Will list all the active rules.
2
Actually it won't. It will list all the rules in the (default)filter
table. There are also thenat
andmangle
andsecurity
tables.
â roaima
May 2 '16 at 9:30
This is the result ofiptables -L
. @symcbeanChain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
â cdhit
May 2 '16 at 9:34
add a comment |Â
up vote
-1
down vote
up vote
-1
down vote
/sbin/iptables -L
Will list all the active rules.
/sbin/iptables -L
Will list all the active rules.
answered May 2 '16 at 0:59
symcbean
2,25911121
2,25911121
2
Actually it won't. It will list all the rules in the (default)filter
table. There are also thenat
andmangle
andsecurity
tables.
â roaima
May 2 '16 at 9:30
This is the result ofiptables -L
. @symcbeanChain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
â cdhit
May 2 '16 at 9:34
add a comment |Â
2
Actually it won't. It will list all the rules in the (default)filter
table. There are also thenat
andmangle
andsecurity
tables.
â roaima
May 2 '16 at 9:30
This is the result ofiptables -L
. @symcbeanChain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
â cdhit
May 2 '16 at 9:34
2
2
Actually it won't. It will list all the rules in the (default)
filter
table. There are also the nat
and mangle
and security
tables.â roaima
May 2 '16 at 9:30
Actually it won't. It will list all the rules in the (default)
filter
table. There are also the nat
and mangle
and security
tables.â roaima
May 2 '16 at 9:30
This is the result of
iptables -L
. @symcbean Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
â cdhit
May 2 '16 at 9:34
This is the result of
iptables -L
. @symcbean Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
â cdhit
May 2 '16 at 9:34
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f280459%2fhow-to-make-sure-that-iptables-is-completely-disable%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
close iptables - what do you mean by close. You wish disable iptables completely or you wish to stop connections from your computer to outside world.
â MolbOrg
May 1 '16 at 23:56
Sorry, what I am saying is disable iptables completely.
â cdhit
May 2 '16 at 0:19
iptables --list | grep policy
try also without grep - take look if some rules are on and default policy. also take look that there is video, it may help you to get started. And this specially 2. Getting Startedâ MolbOrg
May 2 '16 at 1:01
1
also this ubuntu question
â MolbOrg
May 2 '16 at 1:03
1
@cdhit it means iptables are enabled, mean they may work. Because of your
iptables -L
results - it mean no filter rules applyed, so you may think that iptables do nothing at the moment, if you have connection. If you wish disable technical capabilitys for iptables to work, accepted answer in ubuntu question above is for you.â MolbOrg
May 2 '16 at 13:43