manage chain:
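# iptables -N new_chain // create a chain
# iptables -E new_chain old_chain // rename a chain (first argument is the current name, second is the new name)
# iptables -X old_chain // delete a chain (it must be empty and no rule may still jump to it)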
redirecting packet to a user chain:
# iptables -A INPUT -p icmp -j new_chain |
listing rules:
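# iptables -L // list all rules in all chains of the filter table (the default when -t is not given)
# iptables -L -v // display rules and their counters
# iptables -L -t nat // display rules for a specific table
# iptables -L -n --line-numbers // list rules with line numbers for all chains (filter table)
# iptables -L INPUT -n --line-numbers // list rules with line numbers for a specific chain
// the nat, mangle and raw tables are only shown when named with -t, so review each table when auditing a ruleset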
manage rules:
# iptables -A chain // append rules to the bottom of the chain
# iptables -I chain [rulenum] // insert in chain as rulenum (default at the top or 1)
# iptables -R chain rulenum // replace the rule at rulenum with the rule specified
# iptables -D chain rulenum // delete the rule at position rulenum (numbering starts at 1)
# iptables -D chain // delete the rule matching the given rule specification
change default policy:
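# iptables -P chain target // change policy on chain to target
# iptables -P INPUT DROP // change INPUT chain policy to DROP
# iptables -P OUTPUT DROP // change OUTPUT chain policy to DROP
# iptables -P FORWARD DROP // change FORWARD chain policy to DROP
// add the ACCEPT rules you rely on (loopback, established connections, your own SSH session) before switching a policy to DROP, otherwise a remote session is cut off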