What is the difference between iptables -X and iptables -F?

For all chains you can -F:

+---------------+       +---------------+
|               |       |               |
| Chain MyChain |       | Chain MyChain |
|     Rule 1    |  -F   |      is       |
|     Rule 2    |       |     empty     |
|     Rule 3    |  ==>  |               |
|               |       |               |
+---------------+       +---------------+

For user-defined chains only (chains created with iptables -N MyChain) you can -X if it is empty:

+---------------+
|               |
| Chain MyChain |         Chain MyChain
|      is       |  -X      does not exist
|     empty     |
|               |  ==>
|               |
+---------------+

Both

iptables -F
iptables -X

are used because one can delete a user-defined chain only when it is empty. Built-in chains cannot be deleted, but can be flushed.


iptables -F flushes the rules of a chain.

http://explainshell.com/explain?cmd=iptables+-F

-F, --flush [chain] Flush the selected chain (all the chains in the table if none is given). This is equivalent to deleting all the rules one by one.

iptables -X deletes a chain.

http://explainshell.com/explain?cmd=iptables+-X

-X, --delete-chain [chain] Delete the optional user-defined chain specified. There must be no references to the chain. If there are, you must delete or replace the referring rules before the chain can be deleted. The chain must be empty, i.e. not contain any rules. If no argument is given, it will attempt to delete every non-builtin chain in the table.
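The ordering constraint both answers describe (flush first, then delete; built-in chains survive; a chain that is still jumped to from another chain cannot be removed) can be seen without touching a live firewall. The following is an added toy model of a single iptables table, written for this page; it is not iptables code and does not run any iptables command. The chain names, the simplified "rule = jump target" representation and the exception types are assumptions of the model.

```python
"""Toy model of one iptables table, showing why -F must run before -X."""

# Built-in chains of the filter table; they can be flushed but never deleted.
BUILTIN = {"INPUT", "FORWARD", "OUTPUT"}


class Table:
    """A chain is a list of rules; each rule is reduced to its jump target."""

    def __init__(self):
        self.chains = {name: [] for name in BUILTIN}

    def new_chain(self, name):            # models: iptables -N name
        if name in self.chains:
            raise ValueError(f"chain {name} already exists")
        self.chains[name] = []

    def append(self, chain, target):      # models: iptables -A chain -j target
        self.chains[chain].append(target)

    def flush(self, chain=None):          # models: iptables -F [chain]
        # No argument: flush every chain in the table, built-in ones included.
        for name in ([chain] if chain else list(self.chains)):
            self.chains[name].clear()

    def delete_chain(self, chain=None):   # models: iptables -X [chain]
        # No argument: try to delete every non-builtin chain.
        names = [chain] if chain else [c for c in self.chains if c not in BUILTIN]
        for name in names:
            if name in BUILTIN:
                raise PermissionError(f"{name} is built-in and cannot be deleted")
            if self.chains[name]:
                raise RuntimeError(f"{name} is not empty; flush it first")
            referrers = [c for c, rules in self.chains.items() if name in rules]
            if referrers:
                raise RuntimeError(f"{name} is still referenced from {referrers}")
            del self.chains[name]


def reset_table(table):
    """The usual teardown: -F (all chains) and then -X (all user chains)."""
    table.flush()
    table.delete_chain()
    return sorted(table.chains)


def demo():
    """Walk through the failure modes and return what happened at each step."""
    t = Table()
    t.new_chain("MyChain")
    t.append("MyChain", "ACCEPT")   # MyChain is non-empty
    t.append("INPUT", "MyChain")    # INPUT jumps to MyChain (a reference)
    outcomes = []

    try:                            # -X on a non-empty chain
        t.delete_chain("MyChain")
    except RuntimeError:
        outcomes.append("delete refused: chain not empty")

    t.flush("MyChain")              # chain is now empty but still referenced
    try:
        t.delete_chain("MyChain")
    except RuntimeError:
        outcomes.append("delete refused: chain still referenced")

    try:                            # -X on a built-in chain
        t.delete_chain("INPUT")
    except PermissionError:
        outcomes.append("delete refused: built-in chain")

    outcomes.append("remaining: " + ",".join(reset_table(t)))
    return outcomes


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The model captures the two reasons `iptables -X` alone fails on a real system: the chain still holds rules, or another chain's rule still jumps to it. `iptables -F` with no chain argument clears both conditions at once, which is why the flush is issued first and the delete second.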