Deletion is easiest if you know the rule number. Rather than counting down, it's easiest to use:
iptables -nL --line-numbers
which may show something like:
# iptables -nL --line-numbers
Chain INPUT (policy ACCEPT)
num  target  prot opt source            destination
1    ACCEPT  udp  --  109.224.241.0/24  0.0.0.0/0   udp dpt:5060
2    ACCEPT  udp  --  109.224.241.0/24  0.0.0.0/0   udp dpt:4569
3    ACCEPT  udp  --  217.14.138.0/24   0.0.0.0/0   udp dpt:5060
4    ACCEPT  udp  --  217.14.138.0/24   0.0.0.0/0   udp dpt:4569
5    ACCEPT  udp  --  172.30.33.0/24    0.0.0.0/0   udp dpt:5060
6    ACCEPT  udp  --  172.30.33.0/24    0.0.0.0/0   udp dpt:4569
7    ACCEPT  udp  --  212.11.91.0/24    0.0.0.0/0   udp dpt:5060
8    ACCEPT  udp  --  212.11.91.0/24    0.0.0.0/0   udp dpt:4569
9    ACCEPT  udp  --  212.11.64.0/19    0.0.0.0/0   udp dpt:5060
10   ACCEPT  udp  --  212.11.64.0/19    0.0.0.0/0   udp dpt:4569
11   ACCEPT  udp  --  77.240.48.0/20    0.0.0.0/0   udp dpt:5060
12   ACCEPT  udp  --  77.240.48.0/20    0.0.0.0/0   udp dpt:4569
13   LOG     udp  --  0.0.0.0/0         0.0.0.0/0   udp dpt:4569 LOG flags 0 level 4 prefix "AsteriskHack:"
14   DROP    udp  --  0.0.0.0/0         0.0.0.0/0   udp dpt:4569
15   LOG     udp  --  0.0.0.0/0         0.0.0.0/0   udp dpt:5060 LOG flags 0 level 4 prefix "AsteriskHack:"
16   DROP    udp  --  0.0.0.0/0         0.0.0.0/0   udp dpt:5060

Chain FORWARD (policy ACCEPT)
num  target  prot opt source            destination

Chain OUTPUT (policy ACCEPT)
num  target  prot opt source            destination
(The above is my crude firewall to stop anyone from hacking into my Asterisk server.)
I could then delete e.g. rule 10 (source 212.11.64.0/19, destination port 4569) with:
iptables -D INPUT 10
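One thing to keep in mind when deleting by number: as soon as rule 10 is gone, the old rule 11 becomes rule 10, so a batch of deletions has to be done from the highest number down. The helper below is an added example (not part of the original post) that parses saved `iptables -nL --line-numbers` output, picks the rules in a chain that match a source network, destination port or target, and prints the `iptables -D` commands in descending order; the listing it runs on is constructed from a subset of the INPUT chain shown above.

```python
"""Pick rule numbers to delete from `iptables -nL --line-numbers` output.

Added example: parse the listing, select matching rules in one chain, and
emit `iptables -D CHAIN N` commands highest-number-first so that deleting
one rule does not renumber the ones still waiting to be deleted.
"""
import re

# Constructed sample: a subset of the INPUT chain from the post above.
SAMPLE = """\
Chain INPUT (policy ACCEPT)
num  target  prot opt source            destination
9    ACCEPT  udp  --  212.11.64.0/19    0.0.0.0/0   udp dpt:5060
10   ACCEPT  udp  --  212.11.64.0/19    0.0.0.0/0   udp dpt:4569
11   ACCEPT  udp  --  77.240.48.0/20    0.0.0.0/0   udp dpt:5060
13   LOG     udp  --  0.0.0.0/0         0.0.0.0/0   udp dpt:4569 LOG flags 0 level 4 prefix "AsteriskHack:"
14   DROP    udp  --  0.0.0.0/0         0.0.0.0/0   udp dpt:4569

Chain FORWARD (policy ACCEPT)
num  target  prot opt source            destination
"""

# num target prot opt source destination [extra match/target options]
RULE_RE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s*(.*)$")


def parse_listing(text):
    """Return {chain_name: [rule dicts]} from the -nL --line-numbers output."""
    chains, chain = {}, None
    for line in text.splitlines():
        if line.startswith("Chain "):
            chain = line.split()[1]
            chains[chain] = []
            continue
        m = RULE_RE.match(line)
        if chain is None or not m:
            continue  # column header, blank line, or unrecognised text
        num, target, prot, _opt, src, dst, extra = m.groups()
        dpt = re.search(r"dpt:(\d+)", extra)
        chains[chain].append({"num": int(num), "target": target, "prot": prot,
                              "src": src, "dst": dst,
                              "dpt": int(dpt.group(1)) if dpt else None})
    return chains


def delete_commands(text, chain, src=None, dpt=None, target=None):
    """Build `iptables -D` commands for matching rules, highest number first."""
    hits = [r for r in parse_listing(text).get(chain, [])
            if (src is None or r["src"] == src)
            and (dpt is None or r["dpt"] == dpt)
            and (target is None or r["target"] == target)]
    return ["iptables -D %s %d" % (chain, r["num"])
            for r in sorted(hits, key=lambda r: r["num"], reverse=True)]


if __name__ == "__main__":
    for cmd in delete_commands(SAMPLE, "INPUT", src="212.11.64.0/19"):
        print(cmd)
```

Running it prints `iptables -D INPUT 10` before `iptables -D INPUT 9`; review the commands before running them as root, and remember that `-D` only changes the live ruleset, so the change still has to be saved however your distribution persists iptables rules.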