Gentoo Forums
[SOLVED] iptables: -F without argument vs -X <chain>
CleanTestr
n00b

Joined: 15 Jan 2013
Posts: 47
Location: somewhere in Rural Nebraska, USA

Posted: Sat Aug 10, 2013 9:23 am    Post subject: [SOLVED] iptables: -F without argument vs -X <chain>

The man page seems to indicate that iptables -F <name> will 'flush rules' in 'name',
whereas iptables -F without 'name' will 'flush all rules in chain'.

In earlier versions of iptables, code such as
Code:
iptables -F
iptables -N my-own-foo


used to run without warnings, but now gives: 'Chain already exists'.

Ideally I would like the behavior to be along the lines of
Code:
iptables -F my-own-foo
iptables -N my-own-foo

_________________
Stan: A signal? Why didn't you wake me?
790: It was a distress signal. They only lead to trouble, so I always ignore them. --Lexx


Last edited by CleanTestr on Sat Aug 10, 2013 10:18 am; edited 2 times in total
papahuhn
l33t

Joined: 06 Sep 2004
Posts: 623

Posted: Sat Aug 10, 2013 9:25 am    Post subject:

-F flushes all rules in a chain, but does not delete it. So there is a warning if you try to create the chain again.
_________________
Death by snoo-snoo!
CleanTestr
n00b

Joined: 15 Jan 2013
Posts: 47
Location: somewhere in Rural Nebraska, USA

Posted: Sat Aug 10, 2013 10:05 am    Post subject:

So, referring to: home router, I should,
instead of relying on the (at the very top) iptables -F, use, at the very end (before the rc-update
command group), something like this:

iptables -X my-own-foo
iptables -N my-own-foo
.. other rules ..

instead of, just:
iptables -N my-own-foo

maybe?

[Edit] Yes, that works. Thanks :)
_________________
Stan: A signal? Why didn't you wake me?
790: It was a distress signal. They only lead to trouble, so I always ignore them. --Lexx
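
The behaviour discussed in this thread (-F empties a chain but leaves it in place, so a later -N reports 'Chain already exists') can be handled so that a firewall script is safe to re-run. The following is an added example, not code from the posts above; the function names and the IPT override variable are assumptions made for illustration.

```shell
# Idempotent handling of a user-defined chain in a firewall script.
# IPT (an assumption of this example) allows substituting ip6tables
# or a stub for a dry run; it defaults to iptables.
IPT="${IPT:-iptables}"

# Return 0 if <chain> exists in <table>; -S <chain> fails otherwise.
chain_exists() {   # usage: chain_exists <table> <chain>
    $IPT -t "$1" -S "$2" >/dev/null 2>&1
}

# Leave <chain> existing and empty, whether or not it existed before.
# -N is only issued when the chain is missing, so there is no
# 'Chain already exists'; an existing chain is flushed in place,
# which keeps any jumps to it from other chains intact.
ensure_empty_chain() {   # usage: ensure_empty_chain <table> <chain>
    if chain_exists "$1" "$2"; then
        $IPT -t "$1" -F "$2"
    else
        $IPT -t "$1" -N "$2"
    fi
}

# Remove <chain> entirely. -X needs an empty chain, hence -F first.
# -X still fails while another chain jumps to this one; that error
# is passed through so the caller notices the remaining reference.
drop_chain() {   # usage: drop_chain <table> <chain>
    chain_exists "$1" "$2" || return 0
    $IPT -t "$1" -F "$2" && $IPT -t "$1" -X "$2"
}

# Typical use near the top of a firewall script (run as root):
#   ensure_empty_chain filter my-own-foo
#   iptables -A my-own-foo ...        # other rules
```

Unlike a bare `iptables -X my-own-foo` followed by `-N`, this also succeeds on the first run, when the chain does not exist yet.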