Iptables Command Line Tool: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 18: | Line 18: | ||
The command list all rules in the selected [[iptables Concepts#Chain|chain]]. If no chain is selected, all chains are listed. | The command list all rules in the selected [[iptables Concepts#Chain|chain]]. If no chain is selected, all chains are listed. | ||
The command applies to the specified [[iptables Concepts#Table|table]] ("filter" is the default). If you need to list rules from a table other than "filter", use -t (example -t nat). | The command applies to the specified [[iptables Concepts#Table|table]] ("filter" is the default). If you need to list rules from a table other than "filter", use <tt>-t</tt> (example -t nat). | ||
The command is often used with the -n option, in order to avoid long reverse DNS lookups. | The command is often used with the -n option, in order to avoid long reverse DNS lookups. | ||
==Add a Rule to the Default Table== | ==Add a Rule to the Default Table== | ||
<pre> | <pre> | ||
iptables -A <chain> -i <interface> -s <source> -p <protocol> [-m <module> <module-config>] -j <target> | iptables -A <chain> -i <interface> -s <source> -p <protocol> [-m <module> <module-config>] -j <target> | ||
</pre> | </pre> | ||
The rule will be added to the "filter" table. If you need to add the rule to a different table, use <tt>-t</tt>. | |||
The rule will only be added in memory and won't survive a reboot. In order to make the rule permanent <font color=red>TODO</font>. | The rule will only be added in memory and won't survive a reboot. In order to make the rule permanent <font color=red>TODO</font>. | ||
Revision as of 22:37, 5 January 2016
Internal
Overview
iptables always targets the "filter" table by default. In order to change the target table, use the -t <table-name> options.
Commands
List Rules
iptables -L -nv --line-numbers
The command list all rules in the selected chain. If no chain is selected, all chains are listed.
The command applies to the specified table ("filter" is the default). If you need to list rules from a table other than "filter", use -t (example -t nat).
The command is often used with the -n option, in order to avoid long reverse DNS lookups.
Add a Rule to the Default Table
iptables -A <chain> -i <interface> -s <source> -p <protocol> [-m <module> <module-config>] -j <target>
The rule will be added to the "filter" table. If you need to add the rule to a different table, use -t.
The rule will only be added in memory and won't survive a reboot. In order to make the rule permanent TODO.