Linux Lite Forums

Full Version: How do I reverse these iptables commands?

I am learning about Splunk in my spare time, and a lab called for "Data Onboarding: IPtables Logs."  The goal was to get more data into Splunk by using the following commands to generate syslog data.  The commands are:

iptables -I INPUT 1 -j LOG
iptables -I FORWARD 1 -j LOG
iptables -I OUTPUT 1 -j LOG

I was following along with the lab, and when I finished the lab, I didn't think anything of the changes I made.  I hadn't touched my Splunk environment for several days, and then today I noticed I was getting license warnings because my Splunk setup was going over the daily data limit for my free license.  I assume it has something to do with the above commands.  Does anyone know how to reverse the above commands?  I don't know much about iptables.  My educated guess was to type in the following and restart Splunk.

iptables -D INPUT 1
iptables -D FORWARD 1
iptables -D OUTPUT 1

I don't know if what I entered above is the proper way to reverse the commands or not.
Do they show up in the Firewall GUI?
I didn't see them there.  After my iptables modifications, I was getting some other error about license slaves.  Not sure what to do about that one, so I removed Splunk as cleanly as I could and reinstalled it.  Seems both errors went away, and I have a clean slate.
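
Added example, not part of the thread: `iptables -D <CHAIN> 1` removes whatever rule is first in the chain at that moment, so a safer way to undo the lab is to delete by rule specification. The sketch below turns `iptables -S` output into the matching `-D` commands for the three bare LOG rules only; it assumes `iptables -S` lists them as `-A <CHAIN> -j LOG`, and the sample ruleset is constructed for illustration.

```shell
#!/bin/sh
# Added example: build the -D commands that remove only the bare LOG rules
# the lab inserted with `iptables -I <CHAIN> 1 -j LOG`.

# Constructed sample of `iptables -S` output. The ufw-before-input, ssh and lo
# rules are made-up neighbours showing that only exact matches are selected.
SAMPLE_RULES='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -j LOG
-A INPUT -j ufw-before-input
-A INPUT -p tcp -m tcp --dport 22 -j LOG --log-prefix "ssh: "
-A FORWARD -j LOG
-A OUTPUT -j LOG
-A OUTPUT -o lo -j ACCEPT'

# Read `iptables -S` lines on stdin; print one delete command per bare LOG rule.
undo_log_rules() {
    while IFS= read -r rule; do
        case "$rule" in
            "-A INPUT -j LOG"|"-A FORWARD -j LOG"|"-A OUTPUT -j LOG")
                # Same rule spec with -A swapped for -D: deletes by match,
                # not by position, so other rules in the chain are untouched.
                printf 'iptables -D %s\n' "${rule#-A }"
                ;;
        esac
    done
}

# Print the commands for review instead of running them.
# On a live system (as root): iptables -S | undo_log_rules
printf '%s\n' "$SAMPLE_RULES" | undo_log_rules
```

After running the printed commands as root, `iptables -S | grep -- '-j LOG'` should no longer list the three bare rules, and the kernel stops writing a syslog line for every packet.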