Home / server / Questions / 233119
Accepted
Registered User
Asked: 2011-02-09 21:54:23 +0800 CST

How to temporarily stop iptables on Ubuntu

  • 772

I use IPTABLES in /etc/network/interfaces 

pre-up iptables-restore /etc/firewall.txt

I tried searching for some thing like /etc/init.d/iptables on Ubuntu but that does not seem to exist.So if I have to stop IPTABLE for temporarily for sysadmin work how can I do that?

ubuntu iptables

1 Answers

  1. Best Answer

    iptables is not a service, but a facility inside the kernel. That is why you can't stop it.

    If you ever need to stop iptables quickly, here's my suggestion:

    1. Configure your iptables to completion.

    2. Save the configuration first: iptables-save > /etc/iptables.conf

    3. Flush the iptables, and configure it 'open':

    • All policies set to ACCEPT
    • Configure all necessary NATs for your sysadmin to work
    • If you use Policy-Based Routing in the mangle table, also configure it as necessary
    1. Save the 'open' ruleset: iptables-save > /etc/open-iptables.conf

    Now, whenever you need to quickly 'disable' iptables, do:

    cat /etc/open-iptables.conf | iptables-restore.

    After that, 're-enable' iptables using:

    cat /etc/iptables.conf | iptables-restore

    ( iptables-restore < /etc/open-iptables.conf might also work; but I've read somewhere else that sometimes it doesn't work )

    ADD: Newer versions of iptables-restore can directly read from a file. So the above commands can be simplified to:

    iptables-restore /etc/open-iptables.conf
iptables-restore /etc/iptables.conf

    respectively.

    • 11