Dev/Firewall Unload

Do not proceed unless you know what you are doing!

This page is intended for developers only!

The following script unloads / removes each and every iptables rule.

Open ~/firewall-unload in an editor.

kwrite ~/firewall-unload

nano ~/firewall-unload

Add.

#!/bin/bash

## Copyright (C) 2012 - 2015 Patrick Schleizer <adrelanos@riseup.net>
## See the file COPYING for copying conditions.

set -o pipefail

error_handler() {
  echo "ERROR!" >&2
  exit 1
}

trap "error_handler" ERR

[ -n "$iptables_cmd" ] || iptables_cmd="iptables --wait"
[ -n "$ip6tables_cmd" ] || ip6tables_cmd="ip6tables --wait"

$iptables_cmd -P INPUT ACCEPT
$iptables_cmd -P FORWARD ACCEPT
$iptables_cmd -P OUTPUT ACCEPT

$iptables_cmd -F
$iptables_cmd -X
$iptables_cmd -t nat -F
$iptables_cmd -t nat -X
$iptables_cmd -t mangle -F
$iptables_cmd -t mangle -X
$iptables_cmd -t raw -F
$iptables_cmd -t raw -X

$ip6tables_cmd -P INPUT ACCEPT
$ip6tables_cmd -P OUTPUT ACCEPT
$ip6tables_cmd -P FORWARD ACCEPT

$ip6tables_cmd -F
$ip6tables_cmd -X
$ip6tables_cmd -t mangle -F
$ip6tables_cmd -t mangle -X
$ip6tables_cmd -t raw -F
$ip6tables_cmd -t raw -X

exit 0

Save.

Make executable.

chmod +x ~/firewall-unload

Run.

~/firewall-unload

No user support in comments. See Support.

Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.

https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)

Whonix is provided by ENCRYPTED SUPPORT LP. See Imprint.