7

Typically I'm using MikroTik embedded routers; they're based on Linux, so their firewall settings feel pretty much 1:1 the same as iptables. The commands are a bit different but the mechanics are the same. Some of the more advanced MTK firewall functionality can be achieved in raw iptables using -m extensions, like connection states or comments, for example.

I can't find a disable option in raw iptables. Is there any iptables extension that allows temporarily disabling iptables rules?

By temporarily I mean disabling a rule without actually removing it from the table, so that it's still visible in iptables -L but not functional. In MTK you can type something like set 40 disabled=yes and then later set 40 disabled=no

1 Answer

4

You can't do this in raw iptables. You can only add/delete/modify rules.

You can achieve similar functionality by changing the target of the rule to nothing (don't specify -j). But to do this, you must write the whole rule again, and the new rule will still be processed (matched, but no action will be taken).
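A sketch of the workaround described in the answer above, as an added example that is not part of the original answer: two shell functions that take a rule as printed by iptables -S and print the iptables -R command that rewrites it without its target, and later the command that restores it. The function names and the "disabled:" comment prefix are conventions invented for this example; the original target is parked in a -m comment match so the rule can be put back.

```shell
# Added example; disable_cmd, enable_cmd and the "disabled:" marker are
# hypothetical names, not iptables features. Nothing is executed here: each
# function only prints the command so it can be reviewed before it is run.

# disable_cmd <rule-number> '<rule line from iptables -S>'
disable_cmd() {
    local num spec rest chain body match target
    num=$1; spec=$2
    case $spec in
        *' -j '*) ;;
        *) echo "no -j target in rule, nothing to disable" >&2; return 1 ;;
    esac
    rest=${spec#-A }            # drop the leading "-A "
    chain=${rest%% *}           # first word is the chain name
    body=${rest#"$chain"}       # matches + target, with a leading space
    match=${body% -j *}         # everything before the target
    target=${body##* -j }       # target and its options
    case $target in
        *'"'*) echo "target options contain quotes, rewrite by hand" >&2
               return 1 ;;
    esac
    # Same matches, no -j: the rule still matches but takes no action.
    printf 'iptables -R %s %s%s -m comment --comment "disabled:%s"\n' \
        "$chain" "$num" "$match" "$target"
}

# enable_cmd <rule-number> '<disabled rule line from iptables -S>'
enable_cmd() {
    local num spec rest chain body match target
    num=$1; spec=$2
    case $spec in
        *' -m comment --comment "disabled:'*'"') ;;
        *) echo "rule carries no disabled: marker" >&2; return 1 ;;
    esac
    rest=${spec#-A }
    chain=${rest%% *}
    body=${rest#"$chain"}
    match=${body%% -m comment --comment \"disabled:*}
    target=${body##* --comment \"disabled:}
    target=${target%\"}         # strip the closing quote of the comment
    printf 'iptables -R %s %s%s -j %s\n' "$chain" "$num" "$match" "$target"
}
```

The rule number is the rule's position in its chain, as shown by iptables -L --line-numbers. A disabled rule stays listed with its comment, so a periodic check for the "disabled:" marker shows which rules are currently not enforcing anything.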
