Gordon Messmer wrote:
On 10/26/18, Andrew Pearce andrew@andew.org.uk wrote:
On 2018-10-26 16:25, mark wrote: I believe this should remove any ipv6 rules (rules and chains)
ip6tables -F ip6tables -X
You might want to clear the other tables, too:
for x in filter nat mangle raw security "" do ip6tables ${x:+-t $x} -F ip6tables ${x:+-t $x} -X done
You may need to set the default policies as well, as they I belive are to deny all incoming and unrestricted outgoing
ip6tables -P INPUT DROP ip6tables -P FORWARD DROP ip6tables -P OUTPUT ACCEPT
firewalld appears to leave the policies as ACCEPT, which is their default.
I think y'all misunderstood me - I just want to say "turn off", run my script to test it, and turn it back on.
However, I found out something: iptables -L gives the rules, also....*only* for IPv4; ip6tables -L does the same for only 6. And it does look as though by shutting down ip6tables, it did turn them off - ip6tables shows on 8 lines, which are all aCCEPT. I'd been looking at the o/p of iptalbes-save, and ip6tables-save.
Thanks, though.
mark