--- title: "Edit an existing Rule" slug: "edit-an-existing-rule" updated: 2024-09-02T09:57:44Z published: 2024-09-02T09:57:44Z --- > ## Documentation Index > Fetch the complete documentation index at: https://docs.zpesystems.com/llms.txt > Use this file to discover all available pages before exploring further. # Edit an existing Rule ## Edit an existing Rule through CLI 1. Log in to the Nodegrid device CLI console with an **admin**account. 2. Navigate to the firewall **Chain**which contains the rule. 3. List all available rules with the **show**command: ```plaintext [admin@nodegrid INPUT]# show   rules  target  source net4     destination net4  protocol  input interface  output interface  packets  bytes   =====  ======  ==============  ================  ========  ===============  ================  =======  ======   0      ACCEPT  127.0.0.1                                                                      3979     251243   1      ACCEPT  192.168.56.101                                                                 0        0   2      ACCEPT  192.168.1.1                                                                    0        0 ``` 4. Navigate into the rule to be change with its rule number. ```plaintext [admin@nodegrid INPUT]# cd 2/ ``` 5. Use the **set**command to create the new rule settings. Press **TAB twice**to see all available options. ```plaintext [admin@nodegrid 2]# set protocol=tcp destination_port=443 ``` 6. Use the **commit**command to save and activate the changes. ```plaintext [+admin@nodegrid 2]# commit ``` 7. Use the **show**command to see the current values for the rule. ```plaintext [admin@nodegrid 2]# show target = ACCEPT source_net4 = 192.168.1.1 destination_net4 = protocol = tcp source_port = destination_port = 443 tcp_flag_syn = any tcp_flag_ack = any tcp_flag_fin = any tcp_flag_rst = any tcp_flag_urg = any tcp_flag_psh = any input_interface = any output_interface = any fragments = all_packets_and_fragments reverse_match_for_source_ip|mask = no reverse_match_for_destination_ip|mask = no reverse_match_for_source_port = no reverse_match_for_destination_port = no reverse_match_for_protocol = no reverse_match_for_tcp_flags = no reverse_match_for_icmp_type = no reverse_match_for_input_interface = no reverse_match_for_output_interface = no reject_with = port_unreacheable log_level = debug log_prefix = log_tcp_sequence_numbers = no log_options_from_the_tcp_packet_header = no log_options_from_the_ip_packet_header = no ``` - A list of currently active IPv4 rules can be see with the command **shell sudo /usr/sbin/iptables -L -nvx** ```plaintext [admin@nodegrid 2]# shell sudo /usr/sbin/iptables -L -nvx Chain INPUT (policy ACCEPT 38 packets, 2372 bytes)     pkts      bytes target     prot opt in     out     source               destination      385    38206 ACCEPT     all  --  *      *       127.0.0.1            0.0.0.0/0        0        0 ACCEPT     all  --  *      *       192.168.56.101       0.0.0.0/0        0        0 ACCEPT     tcp  --  *      *       192.168.1.1          0.0.0.0/0            tcp dpt:443 Chain FORWARD (policy DROP 0 packets, 0 bytes)     pkts      bytes target     prot opt in     out     source               destination Chain OUTPUT (policy DROP 0 packets, 0 bytes)     pkts      bytes target     prot opt in     out     source               destination      385    38206 ACCEPT     all  --  *      *       127.0.0.1            0.0.0.0/0       24     2828 ACCEPT     all  --  *      *       192.168.56.101       0.0.0.0/0 ``` - A list of currently active IPv6 rules can be see with the command **shell sudo /usr/sbin/ip6tables -L -nvx** ```plaintext [admin@nodegrid 2]# shell sudo /usr/sbin/ip6tables -L -nvx Chain INPUT (policy DROP 1 packets, 72 bytes)      pkts      bytes target     prot opt in     out     source               destination         2      132 ACCEPT     all      lo     *       ::/0                 ::/0         0        0 ACCEPT     all      *      *       ::1                  ::/0 Chain FORWARD (policy DROP 0 packets, 0 bytes)      pkts      bytes target     prot opt in     out     source               destination Chain OUTPUT (policy DROP 8822 packets, 451048 bytes)      pkts      bytes target     prot opt in     out     source               destination         2      132 ACCEPT     all      *      *       ::1                  ::/0 ``` ## Edit an existing Rule through WebUI 1. Log in to the Nodegrid Manager Web UI with an admin account. ![](https://cdn.document360.io/763c5fb1-b9af-4ccd-9ad6-cf28ae4cd5a3/Images/Documentation/edit-an-existing-rule-image-0qn719rd.jpg) 2. Go to **Security::Firewall.** 3. Click on the **Chain**which contains the rule to see a list of current rules.**** ![](https://cdn.document360.io/763c5fb1-b9af-4ccd-9ad6-cf28ae4cd5a3/Images/Documentation/edit-an-existing-rule-image-jcc54f5e.jpg) 4. **Select**the rule to be changed. 5. Click **Edit.** ![](https://cdn.document360.io/763c5fb1-b9af-4ccd-9ad6-cf28ae4cd5a3/Images/Documentation/edit-an-existing-rule-image-a46uwn86.jpg) 6. Specify the settings as required and click **Save**. The new rule gets saved and will be effective immediately ![](https://cdn.document360.io/763c5fb1-b9af-4ccd-9ad6-cf28ae4cd5a3/Images/Documentation/edit-an-existing-rule-image-3aqiz89n.jpg)