On the art and science of editing iptables rules

If you are editing rules over ssh on a remote system, there is a real chance you'll lock yourself out. Skip this step, and the later atrm step, if you're working from the console.

Make sure atd is running, decide how much time you'll need, and say:

# at now + 5 minutes
at> reboot
at> ^D
job 1 at xxxx-xx-xx xx:xx
#

Remember that job number. Yes, you now have five minutes to complete your mission.

The iptables -L command unfortunately doesn't show everything that went into a rule, and it only shows one table at a time (filter, unless you ask for another). There is another option: the iptables internal save format, as written by iptables-save. It can be a bit cryptic and pedantic, but it's quite usable, and iptables-restore reads it straight back in, replacing the whole ruleset in one go.

# iptables-save > i
# vi i
# iptables-restore < i
# rm i

Notice how I didn't say anything at all about what you actually do in that vi session; that may well be the heart of the matter, but there you go.

If you got your prompt back and can still type at it, then you didn't lock yourself out. Don't trust that alone, though: an existing session can survive on an ESTABLISHED-state rule even when a fresh connection would be refused, so open a second ssh session from another terminal before you disconnect your safety harness:

# at -l
1 xxxx-xx-xx xx:xx a root
(that's in case you forgot your job number)
# atrm 1
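The whole harness in one script, as an added example that is not part of the original article: it saves the running ruleset, sanity-checks a candidate ruleset for an ssh ACCEPT, arms an at job, applies the new rules and disarms the job once you confirm. It swaps the reboot for a restore of the saved ruleset, which gets the box back faster, and it parses the job number out of at's output (at prints "job N at ..." on stderr) so you don't have to remember it. The function names, the "ok" prompt, the five-minute default, the backup directory and the --dport grep heuristic are all my assumptions; the rulesets used to exercise the checks are constructed, not taken from a real system.

```shell
#!/bin/sh
# Added example, not from the original article. Assumes iptables-save,
# iptables-restore, at and atrm are on PATH and that you are root.
# Usage: ./safe-iptables.sh apply new-rules.txt   (file in iptables-save format)
set -eu

SAFE_MINUTES=${SAFE_MINUTES:-5}      # how long you get before the safety job fires
SSH_PORT=${SSH_PORT:-22}             # port that must stay open for you
BACKUP_DIR=${BACKUP_DIR:-/root}      # where the pre-edit ruleset is kept (assumed)

# at(1) reports "job N at <date>" on stderr; extract N so we can atrm it later.
parse_at_job() {
    sed -n 's/^job \([0-9][0-9]*\) at .*/\1/p' | head -n 1
}

# Pre-flight check on a candidate ruleset in iptables-save format: refuse it if
# the filter table has no INPUT rule that ACCEPTs tcp to our ssh port. This is a
# heuristic (it ignores rule order and -s/-i restrictions), but it catches the
# classic "I deleted the ssh rule" mistake before anything is committed.
ruleset_keeps_ssh() {   # $1 = ruleset file
    grep -Eq -- "^-A INPUT .*-p tcp .*--dport ${SSH_PORT}( |$).*-j ACCEPT" "$1"
}

# Arm the safety net: an at job that puts the saved ruleset back.
# Prints the at job number (empty if scheduling failed).
arm_safety() {   # $1 = backup file
    printf 'iptables-restore < %s\n' "$1" \
        | at "now + ${SAFE_MINUTES} minutes" 2>&1 | parse_at_job
}

safe_apply() {   # $1 = new ruleset file
    new=$1
    backup=$(mktemp "${BACKUP_DIR}/iptables.backup.XXXXXX")
    iptables-save > "$backup"

    if ! ruleset_keeps_ssh "$new"; then
        echo "refusing: $new has no INPUT ACCEPT for tcp/${SSH_PORT}" >&2
        rm -f "$backup"
        return 1
    fi
    # --test parses and builds the ruleset without committing it (recent iptables).
    iptables-restore --test < "$new"

    job=$(arm_safety "$backup")
    [ -n "$job" ] || { echo "could not schedule at job; is atd running?" >&2; return 1; }
    echo "safety job $job armed: $backup comes back in ${SAFE_MINUTES} min unless you confirm"

    iptables-restore < "$new"

    # If this ssh session dies here, nobody types ok and the at job restores the backup.
    printf 'New rules live. Open a fresh ssh session to be sure, then type ok: '
    read -r answer
    if [ "$answer" = ok ]; then
        atrm "$job"
        echo "safety job $job removed; new rules stay"
    else
        echo "not confirmed; job $job will restore $backup"
    fi
}

case "${1:-}" in
    apply) safe_apply "${2:?usage: $0 apply RULESET_FILE}" ;;
esac
```

Run it as root with `apply` and a file you produced by editing iptables-save output. The two helper functions, ruleset_keeps_ssh and parse_at_job, touch neither the firewall nor atd, so they can be exercised on a workstation first; the grep in ruleset_keeps_ssh is deliberately loose and is no substitute for reading the rules you are about to load.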

Now you want your new rules to be there on reboot. On Red Hat-family systems (the iptables init script, or the iptables-services package on newer releases):

# /etc/init.d/iptables save

(which does an iptables-save to /etc/sysconfig/iptables; on boot, a "start" does an iptables-restore from that file). Debian-family systems don't ship that script; there the equivalent is the iptables-persistent package, whose netfilter-persistent save writes /etc/iptables/rules.v4 and reloads it at boot. Failing either, an iptables-restore of your saved file from a boot-time script does the same job.