How to List and Delete Iptables Firewall Rules

Published on May 1, 2024

Network security is vital as it helps secure your device and data. In Linux, iptables is a firewall utility that lets users define rules controlling what traffic flows to their machine and how. Your firewall already has some rules defined, and as you add others, knowing how to view the existing rules and delete unwanted ones is handy in controlling your firewall. This post focuses on how to list and delete iptables firewall rules.

How to List Iptables Firewall Rules

There are different ways you can view the existing iptables firewall rules. You can choose to view the rules in a table format or as a list. Moreover, you can choose to view all the active iptables rules or add a filter to narrow the results.

To list all the active rules without any filter, use the below command.

The output you get is similar to the contents of the iptables rules configuration files.

A better way to list the iptables rules is by chain. The iptables rules are categorized into chains that you can specify when viewing them. For instance, if we only want to see the iptables rules for the OUTPUT chain, we would have our command as follows.

You will now get a more specific output with fewer results. If you want to monitor this chain, viewing the active iptables rules this way simplifies the task.

So far, we’ve viewed the iptables rules as a list, which can make it hard to compare different rules. Luckily, you can add the -L option to display the rules in a table format.

With this format, you will notice that the iptables rules are grouped based on the chain. For the below output, we have chains INPUT and FORWARD.

You can take it further and filter the rules in a table format but for a specific chain. Let’s list the iptables rules for the INPUT chain.

Your output now centers on the specific chain, and with this table format, you can easily compare different rules.

Suppose you want to list packet counts, which will give additional information, such as the number of packets matching each rule and their sizes. Use the -L and -v arguments.

Your output will have a column for pkts, which is the number of packets, and the bytes, which is the size of each packet. We’ve also specified that we only want to get the output for the INPUT chain.

After viewing the packet counts, you can also choose to reset them. For instance, when resetting your firewall, you may also want to reset the iptables packet counts for each rule. Once you reset the count, each iptables rule will start the count from zero.

To reset the packet counts, use the below command.

Deleting Iptables Firewall Rules

Similar to how we listed iptables rules by specification, we can also delete them following the same criteria. First, let’s list the iptables rules and add the grep command to filter for the rules with the “DROP” target.

Now that we have identified the iptables rules that we want to delete, we must use the -D option and provide the specification of the target rule.

Here’s an example. Notice how, after deleting the rule, we can no longer find it when listing the iptables rules, as it’s already deleted.
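The list-then-delete-by-specification workflow above, as an added example that is not from the original article: it turns a rule listing into `iptables -D` commands for review and never runs iptables itself. It assumes the listing is in the `iptables -S` format; the sample rules are constructed, and the function names `sample_rules` and `drop_rule_deletes` are hypothetical.

```shell
#!/bin/sh
# Added example: build reviewable delete commands from an `iptables -S` listing.
# Nothing here executes iptables; the commands are only printed.

# Constructed sample of `iptables -S` output (not taken from the article).
sample_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 203.0.113.7/32 -j DROP
-A INPUT -p tcp -m tcp --dport 23 -j DROP
-A OUTPUT -d 198.51.100.0/24 -j ACCEPT
EOF
}

# drop_rule_deletes [CHAIN]   (hypothetical helper name)
# Reads rule specifications on stdin and prints one `iptables -D` command for
# each appended (-A) rule whose target is DROP, optionally limited to CHAIN.
# Policy lines (-P ... DROP) also contain the word DROP, so a plain grep
# matches them, but a policy is changed with -P, not deleted with -D.
drop_rule_deletes() {
    awk -v chain="${1:-}" '
        $1 == "-A" && (chain == "" || $2 == chain) {
            for (i = 3; i < NF; i++) {
                if ($i == "-j" && $(i + 1) == "DROP") {
                    $1 = "-D"          # same specification, delete instead of append
                    print "iptables " $0
                    break
                }
            }
        }'
}

# Print the delete commands for DROP rules in the INPUT chain.
sample_rules | drop_rule_deletes INPUT
```

On a live system the same function can read the real listing on stdin; check the printed commands before running any of them.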

Instead of deleting rules by specification, you can delete iptables rules by chains. This approach is more straightforward, but we must get the line number for the target iptables rule.

Start by listing the iptables rules in a table format and add the line numbers with the following command.

Let’s say we want to delete the rule number 1 in the INPUT chain. For that, we will run the below command.

You can also choose to delete all the iptables rules in a chain. This process is called flushing a chain and can be achieved using the below syntax.

Conclusion

Iptables rules control the traffic that flows through your local network to your machine. Linux offers the iptables utility, where you can add, list, modify, and delete rules to secure your devices. We’ve seen how you can list iptables firewall rules as a list and as a table. Moreover, we’ve seen how to delete the rules by specification, by chains, and by flushing all rules in a chain.