Thread: iptables service in ubuntu 14.04

  1. #1
    Join Date
    Sep 2015
    Beans
    13

    iptables service in ubuntu 14.04

    How can I stop the iptables service in Ubuntu 14.04?

    Currently I can see the iptables -L output. I have stopped the ufw service; however, I can still see that iptables -L is listing the rules. Which service is maintained by iptables?

    I checked using "service iptables status/stop" but it's not there.

    Please help!!!

  2. #2
    Join Date
    Jul 2005
    Location
    I think I'm here! Maybe?
    Beans
    Hidden!
    Distro
    Xubuntu 24.04 Noble Numbat

    Re: iptables service in ubuntu 14.04

    From man iptables:-
    Code:
    -F, --flush [chain]
                  Flush the selected chain (all the chains in the table if none is given).  This is equivalent to deleting
                  all the rules one by one.
    So try
    Code:
    sudo iptables -F
    That should remove all rules you have applied so far, though I am not sure whether or not it actually stops iptables as a service.
    What does
    Code:
    ps aux | grep iptables
    show you as output?
    Last edited by ajgreeny; March 10th, 2017 at 04:33 PM.

  3. #3
    Join Date
    Nov 2012
    Location
    Halloween Town
    Beans
    Hidden!
    Distro
    Xubuntu Development Release

    Re: iptables service in ubuntu 14.04

    Thread moved to Security.

  4. #4
    Join Date
    Feb 2011
    Location
    Coquitlam, B.C. Canada
    Beans
    3,587
    Distro
    Ubuntu Development Release

    Re: iptables service in ubuntu 14.04

    There is no such thing as an iptables service. The netfilter stuff (iptables) is built into the kernel, with a great many of the possible add on components available as modules (at least under the usual Ubuntu kernel configuration).
    ufw is just a front end for iptables, and yes it will leave the iptables rules if you turn it off. As mentioned by ajgreeny, you can flush the rule set and set default policies via:
    Code:
    sudo iptables -P INPUT ACCEPT
    sudo iptables -F INPUT
    sudo iptables -P OUTPUT ACCEPT
    sudo iptables -F OUTPUT
    sudo iptables -P FORWARD ACCEPT
    sudo iptables -F FORWARD
    sudo iptables -t nat -F
    Or just reboot after permanently disabling ufw (which I do not know how, because I do not use ufw).
    Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.
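
Added example, not part of the original posts: a check that a flush like the one above really left the ruleset open, by reading `iptables-save` format text. It also shows why the policies are set to ACCEPT alongside the flush, since `-F` removes rules but leaves chain policies in place. The function names, the chain name `my-chain` and the sample dumps are constructed for illustration.

```shell
# Summarise iptables-save output read from stdin: one line per chain with its
# policy and rule count. On a live host: sudo iptables-save | summarize_ruleset
summarize_ruleset() {
    awk '
        /^\*/  { table = substr($0, 2); next }      # "*filter" opens a table
        /^:/   { key = table "/" substr($1, 2)      # ":INPUT DROP [0:0]"
                 policy[key] = $2                   # "-" = user-defined chain
                 order[++n] = key; next }
        /^-A / { rules[table "/" $2]++ }            # one appended rule
        END    { for (i = 1; i <= n; i++)
                     printf "%s policy=%s rules=%d\n", order[i], policy[order[i]], rules[order[i]] }'
}

# Exit 0 only if no rules remain and every built-in chain policy is ACCEPT.
ruleset_is_open() {
    summarize_ruleset | awk '
        $2 != "policy=ACCEPT" && $2 != "policy=-" { bad = 1 }
        $3 != "rules=0"                            { bad = 1 }
        END { exit bad + 0 }'
}

# Constructed samples in iptables-save format (not captured from a real host).
sample_rules_present() { cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:my-chain - [0:0]
-A INPUT -j my-chain
-A my-chain -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Models "iptables -F" alone: rules gone, chains and DROP policies untouched.
sample_flush_only() { sample_rules_present | grep -v '^-A'; }

# Models -P ACCEPT on each built-in chain plus a flush.
sample_policy_and_flush() { cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}
```

The flush-only sample fails the check because INPUT and FORWARD still have a DROP policy with no rules left to accept anything, which on a remote machine would cut off the session that ran the flush.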

  5. #5
    Join Date
    Nov 2008
    Location
    Boston MetroWest
    Beans
    16,326

    Re: iptables service in ubuntu 14.04

    Quote: Originally Posted by Doug S
    There is no such thing as an iptables service.
    That's true for Ubuntu, but not for RedHat-flavored distributions like CentOS. Those systems have an iptables service defined that runs at boot and can be managed with the "service" or "systemctl" commands depending on whether systemd is in use.
    If you ask for help, do not abandon your request. Please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  6. #6
    Join Date
    Feb 2011
    Location
    Coquitlam, B.C. Canada
    Beans
    3,587
    Distro
    Ubuntu Development Release

    Re: iptables service in ubuntu 14.04

    Quote: Originally Posted by SeijiSensei
    That's true for Ubuntu, but not for RedHat-flavored distributions like CentOS. Those systems have an iptables service defined that runs at boot and can be managed with the "service" or "systemctl" commands depending on whether systemd is in use.
    While my reply was about Ubuntu, I also did not know it was even possible for iptables to be a service external to the kernel. Thanks for correcting me. However, now I am curious as to how they do it, and I will have to go off and study.

  7. #7
    Join Date
    Nov 2008
    Location
    Boston MetroWest
    Beans
    16,326

    Re: iptables service in ubuntu 14.04

    It's just a bash script that runs a set of iptables rules. By default it uses the ones created by iptables-save.

  8. #8
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,958
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: iptables service in ubuntu 14.04

    Quote: Originally Posted by SeijiSensei
    That's true for Ubuntu, but not for RedHat-flavored distributions like CentOS. Those systems have an iptables service defined that runs at boot and can be managed with the "service" or "systemctl" commands depending on whether systemd is in use.
    So just like Doug, I didn't know this was true. I looked a little bit more into this using the Arch Wiki, as Arch also runs systemd: https://wiki.archlinux.org/index.php/iptables. Am I wrong, however, in thinking this "service" only loads iptables with a saved configuration prior to network startup? Meaning, for example, if I didn't enable the iptables service and just managed loading and altering my rules through a bash script, that iptables and hence netfilter would work appropriately. I'm not sure if it's wrong or right, but when I was learning (and am still learning iptables rulesets), I learned how to interact with iptables through a shell script. I've always done it this way since, although I see the utility of the other method in terms of saving and loading via the service.

  9. #9
    Join Date
    Nov 2008
    Location
    Boston MetroWest
    Beans
    16,326

    Re: iptables service in ubuntu 14.04

    You would need to create a script with all the rules you want in the correct order and run it immediately after booting. Now you should be able to use the iptables-save utility to write rules to the correct location for iptables scripts to load them.

    I have some pretty complex rulesets running at client sites. I wrote a script that generates and loads those rules, then runs iptables-save so the (CentOS) server knows where to find them the next time the system boots.
