24

I need all requests to port 80 to be forwarded to 8020. I Googled it and I got:

iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport 80 -j REDIRECT --to-ports 8020

Now in the future if I have to undo it what do I do (apart from restarting the system)?

PeterJ
raj

4 Answers

28

I find it a pain to completely reconstruct the iptables rule when I want to delete it. Instead, I list the rules with line numbers and then delete by number. For example:

iptables -t nat -L --line-numbers

Gives output like:

Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination         
1    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 redir ports 8020 

Then to delete by number:

iptables -t nat -D PREROUTING 1

Caveat: When you delete a line, all the lines below will get a new line number. For example, if you had rules like:

1 rule A
2 rule B
3 rule C

and you delete rule 2, then you get:

1 rule A
2 rule C
brainsik
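The renumbering caveat in the answer above matters when more than one matching rule has to go: deleting from the highest line number down keeps the remaining numbers valid. The following is an added example, not part of the original answer. It only prints the delete commands for review and never calls iptables. `plan_deletes` and `SAMPLE_LISTING` are hypothetical names, the listing is constructed, and the input is assumed to be the numeric (`-n`) form of `iptables -t nat -L PREROUTING --line-numbers`.

```shell
#!/bin/sh
# Added example: plan deletions by line number without running iptables.
# SAMPLE_LISTING is constructed; it imitates numeric (-n) listing output.
SAMPLE_LISTING='Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 redir ports 8020
2    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:443 redir ports 8443
3    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 redir ports 8020
4    DNAT       tcp  --  0.0.0.0/0            10.0.0.5            tcp dpt:8080 to:10.0.0.9:80'

# plan_deletes CHAIN DPORT TOPORT
# Reads a listing on stdin and prints one delete command per REDIRECT rule
# that matches both ports exactly, highest rule number first.
plan_deletes() {
    chain=$1
    dport=$2
    toport=$3
    awk -v dport="$dport" -v toport="$toport" '
        # Rule rows start with a number; header rows do not.
        $1 ~ /^[0-9]+$/ && $2 == "REDIRECT" {
            hit_d = 0; hit_r = 0
            for (i = 3; i <= NF; i++) {
                # Whole-field comparison, so dpt:8080 does not match dpt:80.
                if ($i == "dpt:" dport) hit_d = 1
                if ($i == "ports" && $(i + 1) == toport) hit_r = 1
            }
            if (hit_d && hit_r) print $1
        }' |
    sort -rn |   # descending order: earlier deletions cannot shift later targets
    while read -r n; do
        printf 'iptables -t nat -D %s %s\n' "$chain" "$n"
    done
}

# Demo on the constructed listing; review the output before running it as root.
printf '%s\n' "$SAMPLE_LISTING" | plan_deletes PREROUTING 80 8020
```

On a live host the listing would be piped in from `iptables -t nat -L PREROUTING -n --line-numbers` instead of the sample variable.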
18

Just delete the rule:

iptables -t nat -D PREROUTING --source 0/0 --destination 0/0 -p tcp --dport 80 -j REDIRECT --to-ports 8020
basvdlei
0

I am wondering if using vim would be an option:

iptables-save > editme

vim editme # remove the rule you don't want

iptables-restore < editme
AlexanderN
0

You can also drop the entire port forwarding rules using this code:

sudo iptables -P FORWARD DROP