What does an empty iptables mean?

linux firewall iptables centos

Solution 1:

Empty iptables rules simply mean you have no rules. Having no rules means the table “policy“ controls what happens to each packet traversing that table. The policy ACCEPT on each table means that all packets are allowed through each table. Thus, you have no firewall active.

Solution 2:

You don’t have any rules set up. Take a look at the following iptables tutorial on how to add your rules.

You can add your SSH rule like so, which will allow all SSH through Port 22:

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Solution 3:

I found this question when I wondered why iptables-save came up empty. So although it's not an answer for the OP I thought I'd leave this here :)

It turns out that iptables-save needs the iptable_filter (and/or iptable_nat) modules loaded.

root@mgmt:~# iptables-save 
root@mgmt:~# modprobe iptable_filter
root@mgmt:~# iptables-save 
# Generated by iptables-save v1.6.0 on Fri Aug  4 09:21:14 2017
*filter
:INPUT ACCEPT [7:488]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4:424]
COMMIT
# Completed on Fri Aug  4 09:21:14 2017

This matters when you try to a 'safe' test of some new rules:

iptables-save > /tmp/ipt.good; (sleep 60; iptables-restore < /tmp/ipt.good) & iptables-restore < iptables.rules.test

Related

How to convert PDF/A to normal PDF?
Can't find .profile file in OS X
Post form data using HttpWebRequest
Remove Item from ArrayList
How can I check if code is executed in the IPython notebook?
Show that a retract of a Hausdorff space is closed.
Complex Integration of $\int_0^\infty e^{-ax}\cos(bx)\,dx$
Intuition for the Frobenius method
What is a primary decomposition of the ideal $I = \langle xy, x - yz \rangle$?
Making $121$ with five $0$s
Evaluating by real methods $\int_0^{\pi/2} \frac{x^5}{2-\cos^2(x)}\ dx$
Understand it or burn [closed]