The iptables command is primarily used to configure firewall rules.
Common Command Parameters
    Usage: iptables -[AD] chain rule-specification [options]
           iptables -I chain [rulenum] rule-specification [options]
           iptables -R chain rulenum rule-specification [options]
           iptables -D chain rulenum [options]
           iptables -[LS] [chain [rulenum]] [options]
           iptables -[FZ] [chain] [options]
           iptables -[NX] chain
           iptables -E old-chain-name new-chain-name
           iptables -P chain target [options]
           iptables -h (print this help information)

    Commands:
    Either long or short options are allowed.
      --append        -A chain                    Append to chain
      --delete        -D chain                    Delete matching rule from chain
      --delete        -D chain rulenum            Delete rule rulenum (1 = first) from chain
      --insert        -I chain [rulenum]          Insert in chain as rulenum (default 1=first)
      --replace       -R chain rulenum            Replace rule rulenum (1 = first) in chain
      --list          -L [chain [rulenum]]        List the rules in a chain or all chains
      --list-rules    -S [chain [rulenum]]        Print the rules in a chain or all chains
      --flush         -F [chain]                  Delete all rules in chain or all chains
      --zero          -Z [chain [rulenum]]        Zero counters in chain or all chains
      --new           -N chain                    Create a new user-defined chain
      --delete-chain  -X [chain]                  Delete a user-defined chain
      --policy        -P chain target             Change policy on chain to target
      --rename-chain  -E old-chain new-chain      Change chain name, (moving any references)

Common Command Examples
1. View
    iptables -nL --line-number

-L lists all the rules of the current table. The default table is filter; to view the NAT table, add the -t nat parameter.
-n does not reverse-resolve IP addresses; with this parameter the listing displays much faster.
-v outputs details, including the number of packets that passed through the rule, the total number of bytes, and the corresponding network interface.
--line-number displays the sequence number of each rule, which is used when a rule is deleted or modified.
2. Add
There are two parameters for adding a rule: -A and -I. -A appends the rule to the end of the chain; -I inserts it at the specified position and, if no position is given, inserts it at the head of the chain by default.

    # 2.1 Add a rule to the tail
    iptables -A INPUT -s 192.168.1.5 -j DROP
    # 2.2 Insert a rule at the third row; write the row number directly after the chain name
    iptables -I INPUT 3 -s 192.168.1.3 -j DROP
3. Delete
    # Delete the rule in the second row
    iptables -D INPUT 2
4. Modification
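    # Modify with the -R parameter
    iptables -R INPUT 3 -j ACCEPT

-R replaces the entire rule at that position, so any match conditions that should be kept (such as -s) must be restated in the command.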
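Rule numbers are positions, so they shift after every insert or delete. The following added example (not part of the original page) looks up rule numbers from a listing and emits the -D commands highest number first, so that one deletion does not renumber the next target. The listing is a constructed sample, the function names are hypothetical, and every rule is assumed to have a target so that the source address is the fifth column.

```shell
#!/bin/sh
# Constructed sample of `iptables -nL INPUT --line-number` output
# (written for this example, not captured from a real host).
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
2    DROP       all  --  192.168.1.5          0.0.0.0/0
3    DROP       all  --  192.168.1.3          0.0.0.0/0
4    DROP       all  --  192.168.1.5          0.0.0.0/0
EOF
}

# Print the number of every rule whose target and source match exactly.
# Usage: rule_numbers TARGET SOURCE < listing
# Assumption: each rule has a target, so columns are
# num, target, prot, opt, source, destination.
rule_numbers() {
    awk -v t="$1" -v s="$2" \
        '$1 ~ /^[0-9]+$/ && $2 == t && $5 == s { print $1 }'
}

# Print one `iptables -D` command per matching rule, highest number first.
# Deleting rule 2 first would turn rule 4 into rule 3, and a following
# `-D INPUT 4` would then fail or remove the wrong rule.
# Usage: delete_commands CHAIN TARGET SOURCE < listing
delete_commands() {
    chain=$1
    rule_numbers "$2" "$3" | sort -rn | while read -r n; do
        printf 'iptables -D %s %s\n' "$chain" "$n"
    done
}

# Demo on the constructed listing: prints the commands, does not run them.
sample_listing | delete_commands INPUT DROP 192.168.1.5
```

On a live system, feed the functions from `iptables -nL INPUT --line-number` and review the printed commands before running them as root.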