On Fri 28/11/2003 at 17:11, Juan Hernandez wrote:
> is there any better way to delete everything in memory than iptables
> -F?? it's just that it doesn't seem to delete everything sometimes

iptables -F just flushes all filter table rules.

If you really want to flush _everything_, you have to:
    flush rules (-F)
    flush user chains (-X)

For all three tables:

    iptables -t mangle -F
    iptables -t mangle -X
    iptables -t nat -F
    iptables -t nat -X
    iptables -F
    iptables -X

And you're done ;)

You'll maybe have to set default policy back also using -P.

Note this won't flush conntrack table. To achieve this, you have to
unload ip_conntrack module. This means that some existing NAT sessions
will go on because state is still there.

--
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!
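
A way to check what is still loaded after a flush, added here as an example and not part of the original message: it reads iptables-save text and lists remaining rules (need -F), user chains (need -X) and non-ACCEPT default policies (need -P). The function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: report what survives a flush, from iptables-save text on stdin.
# Output lines: "rule TABLE CHAIN", "chain TABLE NAME", "policy TABLE CHAIN POLICY"
leftovers() {
    awk '
        /^\*/  { table = substr($0, 2); next }      # "*nat" starts a table
        /^:/   {                                    # ":CHAIN POLICY [pkts:bytes]"
            name = substr($1, 2)
            if ($2 == "-")           print "chain", table, name       # user chain, needs -X
            else if ($2 != "ACCEPT") print "policy", table, name, $2  # needs -P
            next
        }
        /^-A / { print "rule", table, $2 }          # rule still loaded, needs -F
    '
}

# Exit status 0 only when nothing is left in any table.
is_clean() {
    [ -z "$(leftovers)" ]
}

# Constructed sample: state after a bare "iptables -F" (filter table only).
SAMPLE_AFTER_F='# constructed iptables-save output
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:logdrop - [0:0]
COMMIT'

# On a live host (as root): iptables-save | leftovers
printf '%s\n' "$SAMPLE_AFTER_F" | leftovers
```

The conntrack table is not part of iptables-save output, so a clean result here says nothing about connections that are still being tracked.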