What does an empty iptables mean?
Solution 1:
Empty iptables
rules simply mean you have no rules. Having no rules means the table “policy“ controls what happens to each packet traversing that table. The policy ACCEPT
on each table means that all packets are allowed through each table. Thus, you have no firewall active.
Solution 2:
You don’t have any rules set up. Take a look at the following iptables
tutorial on how to add your rules.
You can add your SSH rule like so, which will allow all SSH through Port 22:
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Solution 3:
I found this question when I wondered why iptables-save came up empty. So although it's not an answer for the OP I thought I'd leave this here :)
It turns out that iptables-save needs the iptable_filter (and/or iptable_nat) modules loaded.
root@mgmt:~# iptables-save
root@mgmt:~# modprobe iptable_filter
root@mgmt:~# iptables-save
# Generated by iptables-save v1.6.0 on Fri Aug 4 09:21:14 2017
*filter
:INPUT ACCEPT [7:488]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4:424]
COMMIT
# Completed on Fri Aug 4 09:21:14 2017
This matters when you try to a 'safe' test of some new rules:
iptables-save > /tmp/ipt.good; (sleep 60; iptables-restore < /tmp/ipt.good) & iptables-restore < iptables.rules.test