Filter Table Operations On Entire Chains

Table 3.2 shows the iptables operations on entire chains.

Table 3.2. iptables Operations on Entire Chains

OPTION                                            DESCRIPTION
-N | --new-chain <chain>                          Creates a user-defined chain.
-F | --flush [<chain>]                            Flushes the chain, or all chains if none is specified.
-X | --delete-chain [<chain>]                     Deletes the user-defined chain, or all chains if none is specified.
-P | --policy <chain> <policy>                    Defines the default policy for one of the built-in chains, INPUT, OUTPUT, or FORWARD. The policy is either ACCEPT or DROP.
-L | --list [<chain>]                             Lists the rules in the chain, or all chains if none is specified.
-Z | --zero                                       Resets the packet and byte counters associated with each chain.
-h | <some command> -h                            Lists the iptables commands and options, or if preceded by an iptables command, lists the syntax and options for that command.
--modprobe=<command>                              Use <command> to load the necessary module(s) when adding or inserting a rule into a chain.
-E | --rename-chain <old chain> <new chain>       Renames the user-defined chain <old chain> to the user-defined chain <new chain>.

The -h help command is obviously not an operation on a chain nor is --modprobe=<command>, but I didn't know where else to list the command.

The list command takes additional options, as shown in Table 3.3.

OPTION                  DESCRIPTION
-L -n | --numeric       Lists the IP addresses and port numbers numerically, rather than by name
-L -v | --verbose       Lists additional information about each rule, such as the byte and packet counters, rule options, and relevant network interface
-L -x | --exact         Lists the exact values of the counter, rather than the rounded-off values
-L --line-numbers       Lists the rule's position within its chain
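
As an added example (not from the original text), the script below strings the operations from Tables 3.2 and 3.3 into the lifecycle of one user-defined chain, including the order that teardown requires. The chain name ssh-in, the run helper and the APPLY variable are assumptions, and the -A, -D and -j rule options are standard iptables options that this section does not cover; by default the script only prints the commands.

```shell
#!/bin/sh
# Added example, not from the original text. Dry run by default: each
# command is printed. Set APPLY=1 and run as root to execute them.
# "run", APPLY and the chain name "ssh-in" are assumptions for illustration.

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

chain_setup() {
    chain="$1"
    run iptables -N "$chain"                    # create the user-defined chain
    run iptables -A "$chain" -p tcp --dport 22 -j ACCEPT
    run iptables -A INPUT -p tcp -j "$chain"    # reference it from a built-in chain
    # -P works only on built-in chains; set it last so the ACCEPT rule
    # is already in place when the default becomes DROP.
    run iptables -P INPUT DROP
}

chain_show() {
    chain="$1"
    # Table 3.3 options: numeric addresses, per-rule counters, exact
    # counter values, and each rule's position in the chain.
    run iptables -L "$chain" -n -v -x --line-numbers
    run iptables -Z "$chain"                    # reset the counters
}

chain_teardown() {
    chain="$1"
    run iptables -P INPUT ACCEPT                # relax the policy first
    # -X refuses a chain that is still referenced or still holds rules,
    # so remove the jump, flush, and only then delete.
    run iptables -D INPUT -p tcp -j "$chain"
    run iptables -F "$chain"
    run iptables -X "$chain"
}

chain_setup ssh-in
chain_show ssh-in
chain_teardown ssh-in
```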
