I'm trying to clean up outstanding Debian bugs that are not Debian maintainer screw ups. My mail to the list has fallen into a black hole somewhere. Here we go again...
http://bugs.debian.org/106374 The problem is user-defined chains that start with a dash are seemingly impossible to kill with any amount of shell-foo. Using GNU logopts style "--foo=bar" options is the only way I've found to remove the chains independently. I don't see anything in the docs that mention that style though. iptables --new-chain -foo iptables --verbose --delete-chain=-foo The bug report is old, but the problem is valid for iptables 1.2.6a. The patch in the bug report appears to disable the ability to create a user-defined chain that begins with a dash.
