After I type
iptables -F
the server goes down. I can't connect to web or SSH; it seems all connections are locked by iptables.
SOLUTION
This is because the default policy of the firewall's INPUT chain was set to DROP: once the rules are flushed, no ACCEPT rule is left and every incoming packet falls through to the DROP policy.
Check with "iptables --list"; you will see "Chain INPUT (policy DROP)".
[root@server52 ~]# iptables -L | grep Chain
Chain INPUT (policy DROP)
Chain FORWARD (policy DROP)
Chain OUTPUT (policy DROP)
Chain GALLOW (2 references)
Chain INVALID (2 references)
Chain INVDROP (10 references)
Chain LOGDROPIN (1 references)
Chain LOGDROPOUT (1 references)
[root@server52 ~]#
If this is the case, set the default policies to ACCEPT before you run a flush, by running:
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
service iptables save
Then you will be able to run iptables -F without any problem.
When you are modifying firewall rules, it is safer to first set up a cron job that runs the following commands every 5 or 10 minutes, so that if you lock yourself out, access is restored the next time the job runs.
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
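As an added example (not the post's own commands), the check and the safe flush above wrapped in a small shell script: it reads the chain headers from "iptables -L" to find built-in chains whose default policy is DROP, and it always sets the policies to ACCEPT before running -F. The "service iptables save" call and the cron job path in the comment are assumptions for a RHEL/CentOS-style host.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes a RHEL/CentOS-style
# host with iptables and the "service iptables save" helper.

# drop_policy_chains: read "iptables -L" output on stdin and print the
# names of built-in chains whose default policy is DROP, one per line.
# Header lines look like "Chain INPUT (policy DROP)"; user-defined chains
# show "(N references)" instead and must not match.
drop_policy_chains() {
    sed -n 's/^Chain \([A-Z]*\) (policy DROP)$/\1/p'
}

# safe_flush: set every built-in policy to ACCEPT first, so a flush can
# never leave the box with empty chains and a DROP default, then flush
# and persist the result. Returns non-zero if any iptables call fails.
safe_flush() {
    for chain in INPUT FORWARD OUTPUT; do
        iptables -P "$chain" ACCEPT || return 1
    done
    iptables -F || return 1
    service iptables save
}

# Constructed sample, shaped like the post's "iptables -L | grep Chain" output.
SAMPLE_LISTING='Chain INPUT (policy DROP)
Chain FORWARD (policy DROP)
Chain OUTPUT (policy DROP)
Chain GALLOW (2 references)
Chain INVDROP (10 references)'

# On a live host:
#   iptables -L | drop_policy_chains      # lists INPUT, FORWARD, OUTPUT here
#   safe_flush                            # only ever flushes after -P ... ACCEPT
# Safety net while editing rules (assumed script path), as the post suggests:
#   */10 * * * * root /usr/local/sbin/iptables-unlock.sh
```

If drop_policy_chains prints nothing, the flush is already harmless; if it prints any chain, run safe_flush instead of a bare "iptables -F".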