Manually flush iptables in rescue mode

iptables ubuntu-12.04

7,052

grml won't actually have loaded your hosts' iptables rules, so they won't be available.

If you followed some popular guides and are using NetworkManager, then you might find the rules located in /etc/iptables.*, so removing them (or providing an empty file) upon startup might be your best bet.

It all boils down to how you saved the rules to begin with, so any details on how you got there to begin with would be helpful.

You could also try appending this segment to your server's startup, probably /etc/rc.local:

#!/bin/sh -e
sudo iptables -X
sudo iptables -t nat -F
sudo iptables -t nat -X
sudo iptables -t mangle -F
sudo iptables -t mangle -X
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT

Please remember that when in grml, you're running another version of Linux, so you'd have to mount your disk, and modify those files, not the running grml environment.

7,052

user2302838

Updated on September 18, 2022

Comments

user2302838 almost 2 years
I ruined iptables and I can't connect to my Ubuntu 12.04.03 server... I activated rescue mode (grml) and this is what I get when I try to flush it:
```
root@grml:/# iptables -F
FATAL: Could not load /lib/modules/3.7-1-grml-amd64/modules.dep: No such file or directory
iptables v1.4.12: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
```
I could not find anything in google. This is really important, if you can help, please...
- Braiam over 10 years
  
  Did you used iptables-save?
- Dennis Kaarsemaker over 10 years
  
  iptables doesn't work that way. Unless you saved the firewall state and caused it to be applied on reboot, a simple reboot is enough to flush the firewall state. If you did save firewall state and caused it to be applied on boot, you will need to tell us how you did that, as Ubuntu has no standard way of doing this.
- user2302838 over 10 years
  
  No, I just messed with the rules. I restarted my server few times but it did not resetted.
- Braiam over 10 years
  
  You need to tell us how where you save the rules. iptables are not persistent to reboot, you either should be used iptables-save, some script at boot time, ufw (?), etc.
- krisFR over 10 years
  
  Also have a look at /etc/rc.local or /etc/init.d/rc.local for a boot time script for iptables
bar5um over 9 years

There can't be that many ways he could've used to save his rules.. presumably either in an iptables configuration file he loads with iptables-restore or through a script, so I don't see why you can't cover whatever possibilities there are for how he saved his rules, rather than requiring the specific way he used to save his rules. It's more useful to others if the answer covers any case, where it's possible to cover it, so if there aren't too many cases. And I doubt there can be that many cases in how he saved his rules
Mike Fiedler about 9 years

@user2302838 Any update on this? Hope it helped out, never heard back from you.
bar5um about 9 years

check his profile, he was last seen dec 28th 2013. But you should know that your answer still has value whether it helped him or not.