On 2004.11.27 12:17, Alexis - alexis@xxxxxxxxxxx wrote:
> Hi all, I'm coding a frontend for iptables based on PHP and MySQL.
> But I have an issue when I try to delete a group of rules; it can't be done.
> Suppose this:
> a chain called "x1"
> Deleting the chain implies:
> - empty the chain
> - delete all rules that reference the chain

For what it's worth, I would empty the chain
after I deleted the references.

> The first line is easy to do with iptables -F x1, but if (as an example)
> in filter::INPUT I have 2 or more references to this chain, executing
> iptables -D INPUT -j x1 will delete only the first one and not all rules
> that reference x1.

I believe that any rule can be deleted by specifying the exact parameters
used to create it, that is changing the -A for instance to -D, leaving
the rest of the command unchanged (for example -p tcp, or -d x.x.x.x, etc.).
Surely each rule in a table has a unique pattern, or why would it be there?
This does not, as you say, allow for deletion of a group of related commands,
however, it should let you accomplish what you need to do.
Just delete the rules iteratively, one at a time,
creating the delete commands from those used to add each rule.
I hope that helps.
Jim
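
The procedure discussed in this thread, as an added example that is not part of the original messages: it reads rule lines in the `-A CHAIN ...` form printed by `iptables -S` or `iptables-save`, turns every rule that jumps to the chain into a matching `-D` command, then flushes and deletes the chain. The rule listing is a constructed sample, the function names are hypothetical, and the commands are printed rather than executed.

```shell
#!/bin/sh
# Constructed sample of `iptables -S` output for the filter table.
sample_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-N x1
-N x10
-A INPUT -p tcp -m tcp --dport 22 -j x1
-A INPUT -s 192.0.2.10/32 -j x1
-A INPUT -j x10
-A FORWARD -j x1
-A x1 -j DROP
EOF
}

# gen_chain_removal CHAIN
# Reads rule lines on stdin and prints, in order:
#   1. one "-D" command per rule that references CHAIN (the "-A" rule
#      spec with -A changed to -D, so every reference is removed,
#      not only the first one),
#   2. the flush of CHAIN,
#   3. the deletion of the now unreferenced, empty chain.
# Fields are compared exactly, so "x10" is not mistaken for "x1".
gen_chain_removal() {
    chain=$1
    awk -v c="$chain" '
        $1 == "-A" && $2 != c {
            for (i = 3; i < NF; i++) {
                if (($i == "-j" || $i == "-g") && $(i + 1) == c) {
                    sub(/^-A /, "-D ")
                    print "iptables " $0
                    break
                }
            }
        }
        END {
            print "iptables -F " c
            print "iptables -X " c
        }
    '
}

# Show the commands for the constructed sample.
sample_rules | gen_chain_removal x1
```

On a live system the input would come from `iptables -S` (add `-t TABLE` to both the listing and the generated commands for tables other than filter), and the output should be reviewed before it is run.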