On 22/02/21 17:19, Antony Stone wrote:
>> for table in "${!chains[@]}"; do
>>     echo "${chains[$table]}" | tr : $"\n" | while IFS= read -r; do
>>         iptables -t "$table" -P "$REPLY" ACCEPT
>>     done
>>     iptables -t "$table" -F
>>     iptables -t "$table" -X
>> done
>
> I do not understand the purpose of $REPLY in that script.
It will contain the name of the chain to be passed to iptables -P.
This is what the script calls on my system:
iptables -t raw -P PREROUTING ACCEPT
iptables -t raw -P OUTPUT ACCEPT
iptables -t raw -F
iptables -t raw -X
iptables -t mangle -P PREROUTING ACCEPT
iptables -t mangle -P INPUT ACCEPT
iptables -t mangle -P FORWARD ACCEPT
iptables -t mangle -P OUTPUT ACCEPT
iptables -t mangle -P POSTROUTING ACCEPT
iptables -t mangle -F
iptables -t mangle -X
iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P INPUT ACCEPT
iptables -t nat -P OUTPUT ACCEPT
iptables -t nat -P POSTROUTING ACCEPT
iptables -t nat -F
iptables -t nat -X
iptables -t filter -P INPUT ACCEPT
iptables -t filter -P FORWARD ACCEPT
iptables -t filter -P OUTPUT ACCEPT
iptables -t filter -F
iptables -t filter -X
iptables -t security -P INPUT ACCEPT
iptables -t security -P FORWARD ACCEPT
iptables -t security -P OUTPUT ACCEPT
iptables -t security -F
iptables -t security -X
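
As an added example (not part of the original message or of the script quoted in it): a dry-run variant of the loop that prints the commands instead of running them, showing how `read` with no variable name fills `$REPLY`. The `chains` contents are constructed to match two tables from the listing above; `plan_reset` and `plan_all` are hypothetical names, and `${var//:/$'\n'}` stands in for the `tr` pipeline so the loop runs in the current shell.

```shell
#!/usr/bin/env bash
# Added example: dry-run of the reset loop. Needs bash (associative arrays, REPLY).
[ -n "${BASH_VERSION:-}" ] || exec bash "$0" "$@"

# Constructed sample data: table -> colon-separated built-in chains.
declare -A chains=(
  [raw]="PREROUTING:OUTPUT"
  [filter]="INPUT:FORWARD:OUTPUT"
)

# Print the commands the loop would run for one table, without touching netfilter.
plan_reset() {
  local table=$1
  # read with no variable name stores the whole line in REPLY;
  # IFS= and -r keep the line verbatim (no trimming, no backslash processing).
  while IFS= read -r; do
    [[ -n $REPLY ]] || continue
    # Refuse anything that is not a plain upper-case chain name.
    [[ $REPLY =~ ^[A-Z]+$ ]] || { echo "bad chain: '$REPLY'" >&2; return 1; }
    echo "iptables -t $table -P $REPLY ACCEPT"
  done <<<"${chains[$table]//:/$'\n'}"
  echo "iptables -t $table -F"
  echo "iptables -t $table -X"
}

# Plan every table; keys are sorted because associative-array order is unspecified.
plan_all() {
  local table
  for table in $(printf '%s\n' "${!chains[@]}" | sort); do
    plan_reset "$table" || return 1
  done
}

plan_all
```

Reviewing the printed plan before running it matters on a remote host, because every built-in policy ends up as ACCEPT and all rules are flushed.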