iptables -F lock me out
After i type
iptables -F
server goes down. Can’t connect to web or ssh, seems all connection is locked by iptables.
SOLUTION
This is because the chain policy for the firewall input chain was set to DROP
check with “iptables –list” you will see “Chain INPUT (policy DROP)”.
[root@server52 ~]# iptables -L |grep Chain Chain INPUT (policy DROP) Chain FORWARD (policy DROP) Chain OUTPUT (policy DROP) Chain GALLOW (2 references) Chain INVALID (2 references) Chain INVDROP (10 references) Chain LOGDROPIN (1 references) Chain LOGDROPOUT (1 references) [root@server52 ~]#
If this is the case, before you run a flush, ensure you set the input chain policy to ACCEPT by running.
iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F service iptables save
Then you will be able to run iptables -F without any problem.
When you try modifying firewall rules, better set a cronjob with following commands that run every 5 or 10 minutes, so if you get locked out, you will be able to get access again after the cronjob runs.
iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F
See iptables