Redhat 7.2 - Deleting ipchains

Notes:

http://www.tldp.org/HOWTO/IPCHAINS-HOWTO-4.html

First list the chains by chain number:

# ipchains -L --line
Chain input (policy ACCEPT):
num  target     prot opt     source                destination           ports
1    ACCEPT     udp  ------  orlhbcns1.harcourtbrace.com anywhere              domain ->   1025:65535
2    ACCEPT     udp  ------  harcourt.harcourtbrace.com anywhere              domain ->   1025:65535
3    ACCEPT     tcp  -y----  anywhere             anywhere              any ->   smtp
4    ACCEPT     tcp  -y----  anywhere             anywhere              any ->   http
5    ACCEPT     tcp  -y----  anywhere             anywhere              any ->   ftp
6    ACCEPT     tcp  -y----  anywhere             anywhere              any ->   ssh
7    ACCEPT     udp  ------  anywhere             anywhere              bootps:bootpc ->   bootps:bootpc
8    ACCEPT     udp  ------  anywhere             anywhere              bootps:bootpc ->   bootps:bootpc
9    ACCEPT     all  ------  anywhere             anywhere              n/a
10   REJECT     tcp  -y----  anywhere             anywhere              any ->   0:1023
11   REJECT     tcp  -y----  anywhere             anywhere              any ->   nfs
12   REJECT     udp  ------  anywhere             anywhere              any ->   0:1023
13   REJECT     udp  ------  anywhere             anywhere              any ->   nfs
14   REJECT     tcp  -y----  anywhere             anywhere              any ->   x11:6009
15   REJECT     tcp  -y----  anywhere             anywhere              any ->   xfs
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):

Decide the chain you wish to remove and remove it:

(in this case I want to remove line item # 11 (nfs - because I want
to temporarily export a cdrom) of the chain "input")

# ipchains -D input 11
# ipchains -L --line
Chain input (policy ACCEPT):
num  target     prot opt     source                destination           ports
1    ACCEPT     udp  ------  orlhbcns1.harcourtbrace.com anywhere              domain ->   1025:65535
2    ACCEPT     udp  ------  harcourt.harcourtbrace.com anywhere              domain ->   1025:65535
3    ACCEPT     tcp  -y----  anywhere             anywhere              any ->   smtp
4    ACCEPT     tcp  -y----  anywhere             anywhere              any ->   http
5    ACCEPT     tcp  -y----  anywhere             anywhere              any ->   ftp
6    ACCEPT     tcp  -y----  anywhere             anywhere              any ->   ssh
7    ACCEPT     udp  ------  anywhere             anywhere              bootps:bootpc ->   bootps:bootpc
8    ACCEPT     udp  ------  anywhere             anywhere              bootps:bootpc ->   bootps:bootpc
9    ACCEPT     all  ------  anywhere             anywhere              n/a
10   REJECT     tcp  -y----  anywhere             anywhere              any ->   0:1023
11   REJECT     udp  ------  anywhere             anywhere              any ->   0:1023
12   REJECT     udp  ------  anywhere             anywhere              any ->   nfs
13   REJECT     tcp  -y----  anywhere             anywhere              any ->   x11:6009
14   REJECT     tcp  -y----  anywhere             anywhere              any ->   xfs
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):

Or I could just remove the enitre chain for input:

# ipchains -X input

if you see this error:

ipchains: Device or resource busy

it means the chain is activly filtering something. Likely
you teleneted in to run this command instead of doing
it from the console didn't you. Tsk-tsk. ;-)

You can flush all the chains with the command:

# ipchains -F forward