How to remove entry from FORWARD chain in iptables?

[orion44]

I would like to remove an entry in the FORWARD chain in iptables that contains a device that was previously blocked from WAN (internet) access via the GUI. This device is no longer in service, so I'd prefer to delete the entry rather than keep it for eternity.

Is this possible from the GUI if the device is no longer connected? If not, how can I remove the entry from the iptables manually and permanently?

Chain FORWARD (policy DROP)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere             MAC E8:AB:FA:03:57:39
DROP       all  --  anywhere             anywhere             MAC 6C:F3:73:2A:5D:BE
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
logdrop    all  --  anywhere             anywhere
logdrop    all  --  anywhere             anywhere             state INVALID
ACCEPT     all  --  anywhere             anywhere
NSFW       all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             ctstate DNAT
ACCEPT     all  --  anywhere             anywhere

 

[Martineau]

I would like to remove an entry in the FORWARD chain in iptables that contains a device that was previously blocked from WAN (internet) access via the GUI. This device is no longer in service, so I'd prefer to delete the entry rather than keep it for eternity.

Is this possible from the GUI if the device is no longer connected? If not, how can I remove the entry from the iptables manually and permanently?

https://www.snbforums.com/threads/un-blockinternetaccess-on-non-connected-nodes.35617/#post-290012

From the CLI, list the rules by absolute position

iptables -nvL FORWARD --line

then remove the appropriate rule - where xx is the rule number

iptables -D FORWARD xx

 

[orion44]

Excellent, thanks for the quick reply!