Iptables delete rules

[pacolotero]

I want delete this rules:
iptables-save | grep DROP
-A PREROUTING -d 173.252.110.27/32 -j DROP
-A PREROUTING -d 31.13.80.7/32 -j DROP
-A PREROUTING -d 69.171.247.21/32 -j DROP
-A PREROUTING -d 66.220.149.88/32 -j DROP

but when i run
iptables -D PREROUTING -d 173.252.110.27/32 -j DROP -> iptables: Bad rule (does a matching rule exist in that chain?).

[limn]

Try

[Ant P.]

[pacolotero]

iptables -D PREROUTING -t raw -d 173.252.110.27/32 -j DROP
iptables: Bad rule (does a matching rule exist in that chain?).

Or

iptables -t raw -D PREROUTING -d 173.252.110.27/32 -j DROP
iptables: Bad rule (does a matching rule exist in that chain?).

[limn]

If not raw, it should be one of the ones in

[Hu]

Typically, PREROUTING rules are found in the nat table. How did you manage to add the rules you now want removed? The removal procedure is the inverse of the addition procedure.

[szatox]

run `iptables -nL` to check what rules you actually have defined.
rule definition when you ad or delete rule is exacly the same, the only difference is -A vs -D which is a command for uptables rather than rule definition.

Also, if everything goes wrong, you can always `iptables -F; iptables -X` to delete all rules. You might also need to specify table you flush, since AFAIR when -t <table name> is skipped it flushes filter only.

[Hu]

Depending on what rules you used, flushing everything can be a mildly bad idea or a terrible idea. If you use a default deny policy, flushing custom rules will leave you with only the DENY policy, thereby blocking all network traffic. This is the mildly bad idea, since it is an inconvenience until you restore the permissive rules. If you use a default accept policy, flushing custom rules will remove any DENY rules that protected your services, allowing everyone to connect to them. If your services were configured with the assumption they were protected, then flushing rules in this case is a terrible idea.

[Ralphred]