Hi Federico,
Federico Fanton via Dng writes:
> On 22/02/21 16:29, Steve Litt wrote:
>
>> On a Devuan machine, how do I turn off the firewall entirely, so all
>> ports are accessible? I need to do this for experimentation, not as a
>> permanent thing.
>
> To completely reset the firewall, see this script:
>
> #!/usr/bin/env bash
> set -eu
> declare -A chains=(
> [filter]=INPUT:FORWARD:OUTPUT
> [raw]=PREROUTING:OUTPUT
> [mangle]=PREROUTING:INPUT:FORWARD:OUTPUT:POSTROUTING
> [security]=INPUT:FORWARD:OUTPUT
> [nat]=PREROUTING:INPUT:OUTPUT:POSTROUTING
> )
> for table in "${!chains[@]}"; do
> echo "${chains[$table]}" | tr : $"\n" | while IFS= read -r; do
> iptables -t "$table" -P "$REPLY" ACCEPT
> done
> iptables -t "$table" -F
> iptables -t "$table" -X
> done
Neat script that takes care of covering all the tables and their
respective routes. Too bad it doesn't cover IPv6 :-/
That's easily fixed though by replacing iptables with ip6tables and
rerunning it.
For nftables it's a lot easier
nft flush ruleset
will do the same. IIUC, that should even work for firewall configured
via iptables/ip6tables, provided you have nftables installed of course.
Hope this helps,
--
Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27
GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9
Support Free Software https://my.fsf.org/donate
Join the Free Software Foundation https://my.fsf.org/join
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
